RYAN WEAVER

Web Designer & Developer

Never Ending Cyber Security

During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

1. Backup on-prem
2. Backup cloud/SaaS
3. Restore test
4. 3-2-1 backup method
5. Ransomware protection
6. Redundancy
7. DDos protection
8. Single point of failure
9. Network segregation
10. Endpoint security
11. Firewall/gateway protection
12. Break glass policies/solutions
13. IoT security
14. Segregartion of duties
15. DevSecOps
16. Secrets management
17. Sql injection protection
18. Cross site scripting
19. Brute force prevention
20. Patch management
21. Identity access management
22. Privileged access principels
23. Network Monitoring Tools (Siem)
24. Intrusion Detection Systems
25. Cloud access security broker
26. DNS filter/URL filtering.
27. Honeypot
28. Penetration testing
29. Physical access security
30. VPN when working outsite the organization’s network
31. Avoid non-company IT services
32. No non-standard software installed on personal PC’s
33. Sandboxes for testing/investigating
34. E-mail security
35. Awareness training
36. USB port policies
37. Work phone policies
38. Data categorization
39. No clear text passwords
40. Encryption in transit
41. Encryption at rest
42. Encryption key management
43. E-mail encryption
44. Disk encryption
45. Backup encryption
46. Data loss prevention solution
47. Zero-trust principle
48. Least privilege principle
49. Privileged account policies
50. Secrets management
51. RBAC
52. AD security
53. Service accounts security policies
54. Multi-factor authentication
55. Antivirus software
56. Incident response

Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

Improve IT

What I Do

I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

  • Employee onboarding/offboarding processes
  • How the employees behave on the behalf of the organization
  • Security and backup of all the cloud solutions you subscribe to
  • Emergency procedures

They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

Assessment
I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

Strategy
In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

Implementation
The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

Ongoing support
New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

How my services will fit you
IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

And at last, the brutal truth
IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

Text on panel

This is text about the IT security review.

CONTACT

CONTACT ME

Phone

+45 29 64 65 53

E-mail

rene@rosendal-hansen.dk

Location

Copenhagen, Denmark

Connect

linkedin.com/in/renerosendal/

Let's Talk

    PORTFOLIO

    PORTFOLIO

    Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

    FILTERS
    • All
    • SEO
    • Web Design
    • WordPress
    Cernantur enim se cernantur illum.

    PHOTO GALLERY

    Cernantur enim se cernantur illum.

    Illum excepteur e domestic sia.

    VIDEO GALLERY

    Illum excepteur e domestic sia.

    Do labore pariatur ut fugiat cupid.

    AUTOPLAY ON

    Do labore pariatur ut fugiat cupid.

    Nisi commodo commodo, voluptate sunt.

    PHOTO GALLERY

    Nisi commodo commodo, voluptate sunt.

    Cillum nescius hic anim cillum.

    SINGLE PORTFOLIO

    Cillum nescius hic anim cillum.

    Cernantur enim se cernantur illum.

    ANOTHER GALLERY

    Cernantur enim se cernantur illum.

    RESUME
    RESUME

    EXPERIENCE

    Senior Developer - Google Inc

    2010 to present

    2010

    Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

    Art Director - Designs Ltd

    2008-2010

    2008

    Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

    Web Designer - Web Agency

    2005-2008

    2005

    Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


    EDUCATION

    The University of Texas

    1997-2002

    1997

    Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

    Institue of Design

    1994-1997

    1994

    Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


    SKILLS

    Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

    HTML5
    75%
    CSS3
    65%
    jQuery
    50%
    PHP
    80%
    WordPress
    100%
    SEO
    75%
    Photoshop
    70%
    ABOUT ME
    ABOUT ME

    About Me

    I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

    In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

    While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

    By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

    - ChatGPT on behalf of René Rosendal

    Location

    Copenhagen

    Languages

    Danish, English, SQL


    Profession

    IT Architect

    Availability

    Evenings/Weekends


    Resume

    Senior IT Architect

    2022 - present

    Falck

    Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

    Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
    Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
    IT Architect

    2020-2022

    Forca

    Solution Architect within a scaled agile setup

    Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
    Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
    Consultant

    2018-2020

    Deloitte

    Consultant within the areas of business intelligence, automation & architecture

    Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
    Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
    BI Consultant

    2016-2018

    Inspari

    Business intelligence consultant

    Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
    Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
    Never Ending Cyber Security

    During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

    I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

    I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

    I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

    At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

    1. Backup on-prem
    2. Backup cloud/SaaS
    3. Restore test
    4. 3-2-1 backup method
    5. Ransomware protection
    6. Redundancy
    7. DDos protection
    8. Single point of failure
    9. Network segregation
    10. Endpoint security
    11. Firewall/gateway protection
    12. Break glass policies/solutions
    13. IoT security
    14. Segregartion of duties
    15. DevSecOps
    16. Secrets management
    17. Sql injection protection
    18. Cross site scripting
    19. Brute force prevention
    20. Patch management
    21. Identity access management
    22. Privileged access principels
    23. Network Monitoring Tools (Siem)
    24. Intrusion Detection Systems
    25. Cloud access security broker
    26. DNS filter/URL filtering.
    27. Honeypot
    28. Penetration testing
    29. Physical access security
    30. VPN when working outsite the organization’s network
    31. Avoid non-company IT services
    32. No non-standard software installed on personal PC’s
    33. Sandboxes for testing/investigating
    34. E-mail security
    35. Awareness training
    36. USB port policies
    37. Work phone policies
    38. Data categorization
    39. No clear text passwords
    40. Encryption in transit
    41. Encryption at rest
    42. Encryption key management
    43. E-mail encryption
    44. Disk encryption
    45. Backup encryption
    46. Data loss prevention solution
    47. Zero-trust principle
    48. Least privilege principle
    49. Privileged account policies
    50. Secrets management
    51. RBAC
    52. AD security
    53. Service accounts security policies
    54. Multi-factor authentication
    55. Antivirus software
    56. Incident response

    Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

    To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

    I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

    In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

    Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

    Improve IT

    What I Do

    I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

    • Employee onboarding/offboarding processes
    • How the employees behave on the behalf of the organization
    • Security and backup of all the cloud solutions you subscribe to
    • Emergency procedures

    They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

    I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

    Assessment
    I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

    Strategy
    In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

    Implementation
    The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

    Ongoing support
    New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

    How my services will fit you
    IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

    My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

    And at last, the brutal truth
    IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

    Text on panel

    This is text about the IT security review.

    CONTACT

    CONTACT ME

    Phone

    +45 29 64 65 53

    E-mail

    rene@rosendal-hansen.dk

    Location

    Copenhagen, Denmark

    Connect

    linkedin.com/in/renerosendal/

    Let's Talk

      PORTFOLIO

      PORTFOLIO

      Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

      FILTERS
      • All
      • SEO
      • Web Design
      • WordPress
      Cernantur enim se cernantur illum.

      PHOTO GALLERY

      Cernantur enim se cernantur illum.

      Illum excepteur e domestic sia.

      VIDEO GALLERY

      Illum excepteur e domestic sia.

      Do labore pariatur ut fugiat cupid.

      AUTOPLAY ON

      Do labore pariatur ut fugiat cupid.

      Nisi commodo commodo, voluptate sunt.

      PHOTO GALLERY

      Nisi commodo commodo, voluptate sunt.

      Cillum nescius hic anim cillum.

      SINGLE PORTFOLIO

      Cillum nescius hic anim cillum.

      Cernantur enim se cernantur illum.

      ANOTHER GALLERY

      Cernantur enim se cernantur illum.

      RESUME
      RESUME

      EXPERIENCE

      Senior Developer - Google Inc

      2010 to present

      2010

      Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

      Art Director - Designs Ltd

      2008-2010

      2008

      Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

      Web Designer - Web Agency

      2005-2008

      2005

      Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


      EDUCATION

      The University of Texas

      1997-2002

      1997

      Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

      Institue of Design

      1994-1997

      1994

      Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


      SKILLS

      Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

      HTML5
      75%
      CSS3
      65%
      jQuery
      50%
      PHP
      80%
      WordPress
      100%
      SEO
      75%
      Photoshop
      70%
      ABOUT ME
      ABOUT ME

      About Me

      I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

      In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

      While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

      By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

      - ChatGPT on behalf of René Rosendal

      Location

      Copenhagen

      Languages

      Danish, English, SQL


      Profession

      IT Architect

      Availability

      Evenings/Weekends


      Resume

      Senior IT Architect

      2022 - present

      Falck

      Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

      Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
      Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
      IT Architect

      2020-2022

      Forca

      Solution Architect within a scaled agile setup

      Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
      Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
      Consultant

      2018-2020

      Deloitte

      Consultant within the areas of business intelligence, automation & architecture

      Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
      Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
      BI Consultant

      2016-2018

      Inspari

      Business intelligence consultant

      Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
      Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
      Never Ending Cyber Security

      During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

      I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

      I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

      I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

      At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

      1. Backup on-prem
      2. Backup cloud/SaaS
      3. Restore test
      4. 3-2-1 backup method
      5. Ransomware protection
      6. Redundancy
      7. DDos protection
      8. Single point of failure
      9. Network segregation
      10. Endpoint security
      11. Firewall/gateway protection
      12. Break glass policies/solutions
      13. IoT security
      14. Segregartion of duties
      15. DevSecOps
      16. Secrets management
      17. Sql injection protection
      18. Cross site scripting
      19. Brute force prevention
      20. Patch management
      21. Identity access management
      22. Privileged access principels
      23. Network Monitoring Tools (Siem)
      24. Intrusion Detection Systems
      25. Cloud access security broker
      26. DNS filter/URL filtering.
      27. Honeypot
      28. Penetration testing
      29. Physical access security
      30. VPN when working outsite the organization’s network
      31. Avoid non-company IT services
      32. No non-standard software installed on personal PC’s
      33. Sandboxes for testing/investigating
      34. E-mail security
      35. Awareness training
      36. USB port policies
      37. Work phone policies
      38. Data categorization
      39. No clear text passwords
      40. Encryption in transit
      41. Encryption at rest
      42. Encryption key management
      43. E-mail encryption
      44. Disk encryption
      45. Backup encryption
      46. Data loss prevention solution
      47. Zero-trust principle
      48. Least privilege principle
      49. Privileged account policies
      50. Secrets management
      51. RBAC
      52. AD security
      53. Service accounts security policies
      54. Multi-factor authentication
      55. Antivirus software
      56. Incident response

      Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

      To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

      I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

      In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

      Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

      Improve IT

      What I Do

      I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

      • Employee onboarding/offboarding processes
      • How the employees behave on the behalf of the organization
      • Security and backup of all the cloud solutions you subscribe to
      • Emergency procedures

      They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

      I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

      Assessment
      I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

      Strategy
      In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

      Implementation
      The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

      Ongoing support
      New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

      How my services will fit you
      IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

      My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

      And at last, the brutal truth
      IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

      Text on panel

      This is text about the IT security review.

      CONTACT

      CONTACT ME

      Phone

      +45 29 64 65 53

      E-mail

      rene@rosendal-hansen.dk

      Location

      Copenhagen, Denmark

      Connect

      linkedin.com/in/renerosendal/

      Let's Talk

        PORTFOLIO

        PORTFOLIO

        Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

        FILTERS
        • All
        • SEO
        • Web Design
        • WordPress
        Cernantur enim se cernantur illum.

        PHOTO GALLERY

        Cernantur enim se cernantur illum.

        Illum excepteur e domestic sia.

        VIDEO GALLERY

        Illum excepteur e domestic sia.

        Do labore pariatur ut fugiat cupid.

        AUTOPLAY ON

        Do labore pariatur ut fugiat cupid.

        Nisi commodo commodo, voluptate sunt.

        PHOTO GALLERY

        Nisi commodo commodo, voluptate sunt.

        Cillum nescius hic anim cillum.

        SINGLE PORTFOLIO

        Cillum nescius hic anim cillum.

        Cernantur enim se cernantur illum.

        ANOTHER GALLERY

        Cernantur enim se cernantur illum.

        RESUME
        RESUME

        EXPERIENCE

        Senior Developer - Google Inc

        2010 to present

        2010

        Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

        Art Director - Designs Ltd

        2008-2010

        2008

        Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

        Web Designer - Web Agency

        2005-2008

        2005

        Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


        EDUCATION

        The University of Texas

        1997-2002

        1997

        Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

        Institue of Design

        1994-1997

        1994

        Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


        SKILLS

        Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

        HTML5
        75%
        CSS3
        65%
        jQuery
        50%
        PHP
        80%
        WordPress
        100%
        SEO
        75%
        Photoshop
        70%
        ABOUT ME
        ABOUT ME

        About Me

        I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

        In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

        While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

        By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

        - ChatGPT on behalf of René Rosendal

        Location

        Copenhagen

        Languages

        Danish, English, SQL


        Profession

        IT Architect

        Availability

        Evenings/Weekends


        Resume

        Senior IT Architect

        2022 - present

        Falck

        Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

        Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
        Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
        IT Architect

        2020-2022

        Forca

        Solution Architect within a scaled agile setup

        Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
        Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
        Consultant

        2018-2020

        Deloitte

        Consultant within the areas of business intelligence, automation & architecture

        Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
        Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
        BI Consultant

        2016-2018

        Inspari

        Business intelligence consultant

        Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
        Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
        Never Ending Cyber Security

        During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

        I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

        I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

        I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

        At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

        1. Backup on-prem
        2. Backup cloud/SaaS
        3. Restore test
        4. 3-2-1 backup method
        5. Ransomware protection
        6. Redundancy
        7. DDos protection
        8. Single point of failure
        9. Network segregation
        10. Endpoint security
        11. Firewall/gateway protection
        12. Break glass policies/solutions
        13. IoT security
        14. Segregartion of duties
        15. DevSecOps
        16. Secrets management
        17. Sql injection protection
        18. Cross site scripting
        19. Brute force prevention
        20. Patch management
        21. Identity access management
        22. Privileged access principels
        23. Network Monitoring Tools (Siem)
        24. Intrusion Detection Systems
        25. Cloud access security broker
        26. DNS filter/URL filtering.
        27. Honeypot
        28. Penetration testing
        29. Physical access security
        30. VPN when working outsite the organization’s network
        31. Avoid non-company IT services
        32. No non-standard software installed on personal PC’s
        33. Sandboxes for testing/investigating
        34. E-mail security
        35. Awareness training
        36. USB port policies
        37. Work phone policies
        38. Data categorization
        39. No clear text passwords
        40. Encryption in transit
        41. Encryption at rest
        42. Encryption key management
        43. E-mail encryption
        44. Disk encryption
        45. Backup encryption
        46. Data loss prevention solution
        47. Zero-trust principle
        48. Least privilege principle
        49. Privileged account policies
        50. Secrets management
        51. RBAC
        52. AD security
        53. Service accounts security policies
        54. Multi-factor authentication
        55. Antivirus software
        56. Incident response

        Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

        To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

        I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

        In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

        Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

        Improve IT

        What I Do

        I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

        • Employee onboarding/offboarding processes
        • How the employees behave on the behalf of the organization
        • Security and backup of all the cloud solutions you subscribe to
        • Emergency procedures

        They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

        I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

        Assessment
        I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

        Strategy
        In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

        Implementation
        The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

        Ongoing support
        New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

        How my services will fit you
        IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

        My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

        And at last, the brutal truth
        IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

        Text on panel

        This is text about the IT security review.

        CONTACT

        CONTACT ME

        Phone

        +45 29 64 65 53

        E-mail

        rene@rosendal-hansen.dk

        Location

        Copenhagen, Denmark

        Connect

        linkedin.com/in/renerosendal/

        Let's Talk

          PORTFOLIO

          PORTFOLIO

          Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

          FILTERS
          • All
          • SEO
          • Web Design
          • WordPress
          Cernantur enim se cernantur illum.

          PHOTO GALLERY

          Cernantur enim se cernantur illum.

          Illum excepteur e domestic sia.

          VIDEO GALLERY

          Illum excepteur e domestic sia.

          Do labore pariatur ut fugiat cupid.

          AUTOPLAY ON

          Do labore pariatur ut fugiat cupid.

          Nisi commodo commodo, voluptate sunt.

          PHOTO GALLERY

          Nisi commodo commodo, voluptate sunt.

          Cillum nescius hic anim cillum.

          SINGLE PORTFOLIO

          Cillum nescius hic anim cillum.

          Cernantur enim se cernantur illum.

          ANOTHER GALLERY

          Cernantur enim se cernantur illum.

          RESUME
          RESUME

          EXPERIENCE

          Senior Developer - Google Inc

          2010 to present

          2010

          Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

          Art Director - Designs Ltd

          2008-2010

          2008

          Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

          Web Designer - Web Agency

          2005-2008

          2005

          Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


          EDUCATION

          The University of Texas

          1997-2002

          1997

          Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

          Institue of Design

          1994-1997

          1994

          Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


          SKILLS

          Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

          HTML5
          75%
          CSS3
          65%
          jQuery
          50%
          PHP
          80%
          WordPress
          100%
          SEO
          75%
          Photoshop
          70%
          ABOUT ME
          ABOUT ME

          About Me

          I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

          In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

          While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

          By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

          - ChatGPT on behalf of René Rosendal

          Location

          Copenhagen

          Languages

          Danish, English, SQL


          Profession

          IT Architect

          Availability

          Evenings/Weekends


          Resume

          Senior IT Architect

          2022 - present

          Falck

          Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

          Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
          Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
          IT Architect

          2020-2022

          Forca

          Solution Architect within a scaled agile setup

          Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
          Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
          Consultant

          2018-2020

          Deloitte

          Consultant within the areas of business intelligence, automation & architecture

          Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
          Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
          BI Consultant

          2016-2018

          Inspari

          Business intelligence consultant

          Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
          Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
          Never Ending Cyber Security

          During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

          I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

          I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

          I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

          At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

          1. Backup on-prem
          2. Backup cloud/SaaS
          3. Restore test
          4. 3-2-1 backup method
          5. Ransomware protection
          6. Redundancy
          7. DDos protection
          8. Single point of failure
          9. Network segregation
          10. Endpoint security
          11. Firewall/gateway protection
          12. Break glass policies/solutions
          13. IoT security
          14. Segregartion of duties
          15. DevSecOps
          16. Secrets management
          17. Sql injection protection
          18. Cross site scripting
          19. Brute force prevention
          20. Patch management
          21. Identity access management
          22. Privileged access principels
          23. Network Monitoring Tools (Siem)
          24. Intrusion Detection Systems
          25. Cloud access security broker
          26. DNS filter/URL filtering.
          27. Honeypot
          28. Penetration testing
          29. Physical access security
          30. VPN when working outsite the organization’s network
          31. Avoid non-company IT services
          32. No non-standard software installed on personal PC’s
          33. Sandboxes for testing/investigating
          34. E-mail security
          35. Awareness training
          36. USB port policies
          37. Work phone policies
          38. Data categorization
          39. No clear text passwords
          40. Encryption in transit
          41. Encryption at rest
          42. Encryption key management
          43. E-mail encryption
          44. Disk encryption
          45. Backup encryption
          46. Data loss prevention solution
          47. Zero-trust principle
          48. Least privilege principle
          49. Privileged account policies
          50. Secrets management
          51. RBAC
          52. AD security
          53. Service accounts security policies
          54. Multi-factor authentication
          55. Antivirus software
          56. Incident response

          Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

          To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

          I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

          In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

          Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

          Improve IT

          What I Do

          I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

          • Employee onboarding/offboarding processes
          • How the employees behave on the behalf of the organization
          • Security and backup of all the cloud solutions you subscribe to
          • Emergency procedures

          They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

          I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

          Assessment
          I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

          Strategy
          In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

          Implementation
          The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

          Ongoing support
          New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

          How my services will fit you
          IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

          My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

          And at last, the brutal truth
          IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

          Text on panel

          This is text about the IT security review.

          CONTACT

          CONTACT ME

          Phone

          +45 29 64 65 53

          E-mail

          rene@rosendal-hansen.dk

          Location

          Copenhagen, Denmark

          Connect

          linkedin.com/in/renerosendal/

          Let's Talk

            PORTFOLIO

            PORTFOLIO

            Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

            FILTERS
            • All
            • SEO
            • Web Design
            • WordPress
            Cernantur enim se cernantur illum.

            PHOTO GALLERY

            Cernantur enim se cernantur illum.

            Illum excepteur e domestic sia.

            VIDEO GALLERY

            Illum excepteur e domestic sia.

            Do labore pariatur ut fugiat cupid.

            AUTOPLAY ON

            Do labore pariatur ut fugiat cupid.

            Nisi commodo commodo, voluptate sunt.

            PHOTO GALLERY

            Nisi commodo commodo, voluptate sunt.

            Cillum nescius hic anim cillum.

            SINGLE PORTFOLIO

            Cillum nescius hic anim cillum.

            Cernantur enim se cernantur illum.

            ANOTHER GALLERY

            Cernantur enim se cernantur illum.

            RESUME
            RESUME

            EXPERIENCE

            Senior Developer - Google Inc

            2010 to present

            2010

            Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

            Art Director - Designs Ltd

            2008-2010

            2008

            Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

            Web Designer - Web Agency

            2005-2008

            2005

            Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


            EDUCATION

            The University of Texas

            1997-2002

            1997

            Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

            Institue of Design

            1994-1997

            1994

            Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


            SKILLS

            Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

            HTML5
            75%
            CSS3
            65%
            jQuery
            50%
            PHP
            80%
            WordPress
            100%
            SEO
            75%
            Photoshop
            70%
            ABOUT ME
            ABOUT ME

            About Me

            I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

            In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

            While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

            By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

            - ChatGPT on behalf of René Rosendal

            Location

            Copenhagen

            Languages

            Danish, English, SQL


            Profession

            IT Architect

            Availability

            Evenings/Weekends


            Resume

            Senior IT Architect

            2022 - present

            Falck

            Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

            Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
            Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
            IT Architect

            2020-2022

            Forca

            Solution Architect within a scaled agile setup

            Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
            Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
            Consultant

            2018-2020

            Deloitte

            Consultant within the areas of business intelligence, automation & architecture

            Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
            Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
            BI Consultant

            2016-2018

            Inspari

            Business intelligence consultant

            Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
            Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
            Never Ending Cyber Security

            During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

            I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

            I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

            I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

            At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

            1. Backup on-prem
            2. Backup cloud/SaaS
            3. Restore test
            4. 3-2-1 backup method
            5. Ransomware protection
            6. Redundancy
            7. DDos protection
            8. Single point of failure
            9. Network segregation
            10. Endpoint security
            11. Firewall/gateway protection
            12. Break glass policies/solutions
            13. IoT security
            14. Segregartion of duties
            15. DevSecOps
            16. Secrets management
            17. Sql injection protection
            18. Cross site scripting
            19. Brute force prevention
            20. Patch management
            21. Identity access management
            22. Privileged access principels
            23. Network Monitoring Tools (Siem)
            24. Intrusion Detection Systems
            25. Cloud access security broker
            26. DNS filter/URL filtering.
            27. Honeypot
            28. Penetration testing
            29. Physical access security
            30. VPN when working outsite the organization’s network
            31. Avoid non-company IT services
            32. No non-standard software installed on personal PC’s
            33. Sandboxes for testing/investigating
            34. E-mail security
            35. Awareness training
            36. USB port policies
            37. Work phone policies
            38. Data categorization
            39. No clear text passwords
            40. Encryption in transit
            41. Encryption at rest
            42. Encryption key management
            43. E-mail encryption
            44. Disk encryption
            45. Backup encryption
            46. Data loss prevention solution
            47. Zero-trust principle
            48. Least privilege principle
            49. Privileged account policies
            50. Secrets management
            51. RBAC
            52. AD security
            53. Service accounts security policies
            54. Multi-factor authentication
            55. Antivirus software
            56. Incident response

            Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

            To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

            I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

            In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

            Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

            Improve IT

            What I Do

            I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

            • Employee onboarding/offboarding processes
            • How the employees behave on the behalf of the organization
            • Security and backup of all the cloud solutions you subscribe to
            • Emergency procedures

            They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

            I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

            Assessment
            I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

            Strategy
            In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

            Implementation
            The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

            Ongoing support
            New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

            How my services will fit you
            IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

            My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

            And at last, the brutal truth
            IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

            Text on panel

            This is text about the IT security review.

            CONTACT

            CONTACT ME

            Phone

            +45 29 64 65 53

            E-mail

            rene@rosendal-hansen.dk

            Location

            Copenhagen, Denmark

            Connect

            linkedin.com/in/renerosendal/

            Let's Talk

              PORTFOLIO

              PORTFOLIO

              Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

              FILTERS
              • All
              • SEO
              • Web Design
              • WordPress
              Cernantur enim se cernantur illum.

              PHOTO GALLERY

              Cernantur enim se cernantur illum.

              Illum excepteur e domestic sia.

              VIDEO GALLERY

              Illum excepteur e domestic sia.

              Do labore pariatur ut fugiat cupid.

              AUTOPLAY ON

              Do labore pariatur ut fugiat cupid.

              Nisi commodo commodo, voluptate sunt.

              PHOTO GALLERY

              Nisi commodo commodo, voluptate sunt.

              Cillum nescius hic anim cillum.

              SINGLE PORTFOLIO

              Cillum nescius hic anim cillum.

              Cernantur enim se cernantur illum.

              ANOTHER GALLERY

              Cernantur enim se cernantur illum.

              RESUME
              RESUME

              EXPERIENCE

              Senior Developer - Google Inc

              2010 to present

              2010

              Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

              Art Director - Designs Ltd

              2008-2010

              2008

              Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

              Web Designer - Web Agency

              2005-2008

              2005

              Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


              EDUCATION

              The University of Texas

              1997-2002

              1997

              Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

              Institue of Design

              1994-1997

              1994

              Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


              SKILLS

              Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

              HTML5
              75%
              CSS3
              65%
              jQuery
              50%
              PHP
              80%
              WordPress
              100%
              SEO
              75%
              Photoshop
              70%
              ABOUT ME
              ABOUT ME

              About Me

              I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

              In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

              While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

              By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

              - ChatGPT on behalf of René Rosendal

              Location

              Copenhagen

              Languages

              Danish, English, SQL


              Profession

              IT Architect

              Availability

              Evenings/Weekends


              Resume

              Senior IT Architect

              2022 - present

              Falck

              Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

              Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
              Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
              IT Architect

              2020-2022

              Forca

              Solution Architect within a scaled agile setup

              Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
              Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
              Consultant

              2018-2020

              Deloitte

              Consultant within the areas of business intelligence, automation & architecture

              Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
              Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
              BI Consultant

              2016-2018

              Inspari

              Business intelligence consultant

              Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
              Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
              Never Ending Cyber Security

              During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

              I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

              I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

              I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

              At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

              1. Backup on-prem
              2. Backup cloud/SaaS
              3. Restore test
              4. 3-2-1 backup method
              5. Ransomware protection
              6. Redundancy
              7. DDos protection
              8. Single point of failure
              9. Network segregation
              10. Endpoint security
              11. Firewall/gateway protection
              12. Break glass policies/solutions
              13. IoT security
              14. Segregartion of duties
              15. DevSecOps
              16. Secrets management
              17. Sql injection protection
              18. Cross site scripting
              19. Brute force prevention
              20. Patch management
              21. Identity access management
              22. Privileged access principels
              23. Network Monitoring Tools (Siem)
              24. Intrusion Detection Systems
              25. Cloud access security broker
              26. DNS filter/URL filtering.
              27. Honeypot
              28. Penetration testing
              29. Physical access security
              30. VPN when working outsite the organization’s network
              31. Avoid non-company IT services
              32. No non-standard software installed on personal PC’s
              33. Sandboxes for testing/investigating
              34. E-mail security
              35. Awareness training
              36. USB port policies
              37. Work phone policies
              38. Data categorization
              39. No clear text passwords
              40. Encryption in transit
              41. Encryption at rest
              42. Encryption key management
              43. E-mail encryption
              44. Disk encryption
              45. Backup encryption
              46. Data loss prevention solution
              47. Zero-trust principle
              48. Least privilege principle
              49. Privileged account policies
              50. Secrets management
              51. RBAC
              52. AD security
              53. Service accounts security policies
              54. Multi-factor authentication
              55. Antivirus software
              56. Incident response

              Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

              To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

              I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

              In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

              Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

              Improve IT

              What I Do

              I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

              • Employee onboarding/offboarding processes
              • How the employees behave on the behalf of the organization
              • Security and backup of all the cloud solutions you subscribe to
              • Emergency procedures

              They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

              I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

              Assessment
              I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

              Strategy
              In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

              Implementation
              The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

              Ongoing support
              New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

              How my services will fit you
              IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

              My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

              And at last, the brutal truth
              IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

              Text on panel

              This is text about the IT security review.

              CONTACT

              CONTACT ME

              Phone

              +45 29 64 65 53

              E-mail

              rene@rosendal-hansen.dk

              Location

              Copenhagen, Denmark

              Connect

              linkedin.com/in/renerosendal/

              Let's Talk

                PORTFOLIO

                PORTFOLIO

                Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                FILTERS
                • All
                • SEO
                • Web Design
                • WordPress
                Cernantur enim se cernantur illum.

                PHOTO GALLERY

                Cernantur enim se cernantur illum.

                Illum excepteur e domestic sia.

                VIDEO GALLERY

                Illum excepteur e domestic sia.

                Do labore pariatur ut fugiat cupid.

                AUTOPLAY ON

                Do labore pariatur ut fugiat cupid.

                Nisi commodo commodo, voluptate sunt.

                PHOTO GALLERY

                Nisi commodo commodo, voluptate sunt.

                Cillum nescius hic anim cillum.

                SINGLE PORTFOLIO

                Cillum nescius hic anim cillum.

                Cernantur enim se cernantur illum.

                ANOTHER GALLERY

                Cernantur enim se cernantur illum.

                RESUME
                RESUME

                EXPERIENCE

                Senior Developer - Google Inc

                2010 to present

                2010

                Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                Art Director - Designs Ltd

                2008-2010

                2008

                Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                Web Designer - Web Agency

                2005-2008

                2005

                Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                EDUCATION

                The University of Texas

                1997-2002

                1997

                Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                Institue of Design

                1994-1997

                1994

                Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                SKILLS

                Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                HTML5
                75%
                CSS3
                65%
                jQuery
                50%
                PHP
                80%
                WordPress
                100%
                SEO
                75%
                Photoshop
                70%
                ABOUT ME
                ABOUT ME

                About Me

                I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                - ChatGPT on behalf of René Rosendal

                Location

                Copenhagen

                Languages

                Danish, English, SQL


                Profession

                IT Architect

                Availability

                Evenings/Weekends


                Resume

                Senior IT Architect

                2022 - present

                Falck

                Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                IT Architect

                2020-2022

                Forca

                Solution Architect within a scaled agile setup

                Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                Consultant

                2018-2020

                Deloitte

                Consultant within the areas of business intelligence, automation & architecture

                Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                BI Consultant

                2016-2018

                Inspari

                Business intelligence consultant

                Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                Never Ending Cyber Security

                During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                1. Backup on-prem
                2. Backup cloud/SaaS
                3. Restore test
                4. 3-2-1 backup method
                5. Ransomware protection
                6. Redundancy
                7. DDos protection
                8. Single point of failure
                9. Network segregation
                10. Endpoint security
                11. Firewall/gateway protection
                12. Break glass policies/solutions
                13. IoT security
                14. Segregartion of duties
                15. DevSecOps
                16. Secrets management
                17. Sql injection protection
                18. Cross site scripting
                19. Brute force prevention
                20. Patch management
                21. Identity access management
                22. Privileged access principels
                23. Network Monitoring Tools (Siem)
                24. Intrusion Detection Systems
                25. Cloud access security broker
                26. DNS filter/URL filtering.
                27. Honeypot
                28. Penetration testing
                29. Physical access security
                30. VPN when working outsite the organization’s network
                31. Avoid non-company IT services
                32. No non-standard software installed on personal PC’s
                33. Sandboxes for testing/investigating
                34. E-mail security
                35. Awareness training
                36. USB port policies
                37. Work phone policies
                38. Data categorization
                39. No clear text passwords
                40. Encryption in transit
                41. Encryption at rest
                42. Encryption key management
                43. E-mail encryption
                44. Disk encryption
                45. Backup encryption
                46. Data loss prevention solution
                47. Zero-trust principle
                48. Least privilege principle
                49. Privileged account policies
                50. Secrets management
                51. RBAC
                52. AD security
                53. Service accounts security policies
                54. Multi-factor authentication
                55. Antivirus software
                56. Incident response

                Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                Improve IT

                What I Do

                I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                • Employee onboarding/offboarding processes
                • How the employees behave on the behalf of the organization
                • Security and backup of all the cloud solutions you subscribe to
                • Emergency procedures

                They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                Assessment
                I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                Strategy
                In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                Implementation
                The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                Ongoing support
                New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                How my services will fit you
                IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                And at last, the brutal truth
                IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                Text on panel

                This is text about the IT security review.

                CONTACT

                CONTACT ME

                Phone

                +45 29 64 65 53

                E-mail

                rene@rosendal-hansen.dk

                Location

                Copenhagen, Denmark

                Connect

                linkedin.com/in/renerosendal/

                Let's Talk

                  PORTFOLIO

                  PORTFOLIO

                  Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                  FILTERS
                  • All
                  • SEO
                  • Web Design
                  • WordPress
                  Cernantur enim se cernantur illum.

                  PHOTO GALLERY

                  Cernantur enim se cernantur illum.

                  Illum excepteur e domestic sia.

                  VIDEO GALLERY

                  Illum excepteur e domestic sia.

                  Do labore pariatur ut fugiat cupid.

                  AUTOPLAY ON

                  Do labore pariatur ut fugiat cupid.

                  Nisi commodo commodo, voluptate sunt.

                  PHOTO GALLERY

                  Nisi commodo commodo, voluptate sunt.

                  Cillum nescius hic anim cillum.

                  SINGLE PORTFOLIO

                  Cillum nescius hic anim cillum.

                  Cernantur enim se cernantur illum.

                  ANOTHER GALLERY

                  Cernantur enim se cernantur illum.

                  RESUME
                  RESUME

                  EXPERIENCE

                  Senior Developer - Google Inc

                  2010 to present

                  2010

                  Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                  Art Director - Designs Ltd

                  2008-2010

                  2008

                  Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                  Web Designer - Web Agency

                  2005-2008

                  2005

                  Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                  EDUCATION

                  The University of Texas

                  1997-2002

                  1997

                  Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                  Institue of Design

                  1994-1997

                  1994

                  Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                  SKILLS

                  Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                  HTML5
                  75%
                  CSS3
                  65%
                  jQuery
                  50%
                  PHP
                  80%
                  WordPress
                  100%
                  SEO
                  75%
                  Photoshop
                  70%
                  ABOUT ME
                  ABOUT ME

                  About Me

                  I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                  In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                  While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                  By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                  - ChatGPT on behalf of René Rosendal

                  Location

                  Copenhagen

                  Languages

                  Danish, English, SQL


                  Profession

                  IT Architect

                  Availability

                  Evenings/Weekends


                  Resume

                  Senior IT Architect

                  2022 - present

                  Falck

                  Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                  Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                  Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                  IT Architect

                  2020-2022

                  Forca

                  Solution Architect within a scaled agile setup

                  Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                  Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                  Consultant

                  2018-2020

                  Deloitte

                  Consultant within the areas of business intelligence, automation & architecture

                  Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                  Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                  BI Consultant

                  2016-2018

                  Inspari

                  Business intelligence consultant

                  Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                  Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                  Never Ending Cyber Security

                  During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                  I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                  I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                  I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                  At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                  1. Backup on-prem
                  2. Backup cloud/SaaS
                  3. Restore test
                  4. 3-2-1 backup method
                  5. Ransomware protection
                  6. Redundancy
                  7. DDos protection
                  8. Single point of failure
                  9. Network segregation
                  10. Endpoint security
                  11. Firewall/gateway protection
                  12. Break glass policies/solutions
                  13. IoT security
                  14. Segregartion of duties
                  15. DevSecOps
                  16. Secrets management
                  17. Sql injection protection
                  18. Cross site scripting
                  19. Brute force prevention
                  20. Patch management
                  21. Identity access management
                  22. Privileged access principels
                  23. Network Monitoring Tools (Siem)
                  24. Intrusion Detection Systems
                  25. Cloud access security broker
                  26. DNS filter/URL filtering.
                  27. Honeypot
                  28. Penetration testing
                  29. Physical access security
                  30. VPN when working outsite the organization’s network
                  31. Avoid non-company IT services
                  32. No non-standard software installed on personal PC’s
                  33. Sandboxes for testing/investigating
                  34. E-mail security
                  35. Awareness training
                  36. USB port policies
                  37. Work phone policies
                  38. Data categorization
                  39. No clear text passwords
                  40. Encryption in transit
                  41. Encryption at rest
                  42. Encryption key management
                  43. E-mail encryption
                  44. Disk encryption
                  45. Backup encryption
                  46. Data loss prevention solution
                  47. Zero-trust principle
                  48. Least privilege principle
                  49. Privileged account policies
                  50. Secrets management
                  51. RBAC
                  52. AD security
                  53. Service accounts security policies
                  54. Multi-factor authentication
                  55. Antivirus software
                  56. Incident response

                  Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                  To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                  I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                  In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                  Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                  Improve IT

                  What I Do

                  I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                  • Employee onboarding/offboarding processes
                  • How the employees behave on the behalf of the organization
                  • Security and backup of all the cloud solutions you subscribe to
                  • Emergency procedures

                  They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                  I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                  Assessment
                  I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                  Strategy
                  In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                  Implementation
                  The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                  Ongoing support
                  New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                  How my services will fit you
                  IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                  My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                  And at last, the brutal truth
                  IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                  Text on panel

                  This is text about the IT security review.

                  CONTACT

                  CONTACT ME

                  Phone

                  +45 29 64 65 53

                  E-mail

                  rene@rosendal-hansen.dk

                  Location

                  Copenhagen, Denmark

                  Connect

                  linkedin.com/in/renerosendal/

                  Let's Talk

                    PORTFOLIO

                    PORTFOLIO

                    Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                    FILTERS
                    • All
                    • SEO
                    • Web Design
                    • WordPress
                    Cernantur enim se cernantur illum.

                    PHOTO GALLERY

                    Cernantur enim se cernantur illum.

                    Illum excepteur e domestic sia.

                    VIDEO GALLERY

                    Illum excepteur e domestic sia.

                    Do labore pariatur ut fugiat cupid.

                    AUTOPLAY ON

                    Do labore pariatur ut fugiat cupid.

                    Nisi commodo commodo, voluptate sunt.

                    PHOTO GALLERY

                    Nisi commodo commodo, voluptate sunt.

                    Cillum nescius hic anim cillum.

                    SINGLE PORTFOLIO

                    Cillum nescius hic anim cillum.

                    Cernantur enim se cernantur illum.

                    ANOTHER GALLERY

                    Cernantur enim se cernantur illum.

                    RESUME
                    RESUME

                    EXPERIENCE

                    Senior Developer - Google Inc

                    2010 to present

                    2010

                    Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                    Art Director - Designs Ltd

                    2008-2010

                    2008

                    Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                    Web Designer - Web Agency

                    2005-2008

                    2005

                    Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                    EDUCATION

                    The University of Texas

                    1997-2002

                    1997

                    Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                    Institue of Design

                    1994-1997

                    1994

                    Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                    SKILLS

                    Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                    HTML5
                    75%
                    CSS3
                    65%
                    jQuery
                    50%
                    PHP
                    80%
                    WordPress
                    100%
                    SEO
                    75%
                    Photoshop
                    70%
                    ABOUT ME
                    ABOUT ME

                    About Me

                    I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                    In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                    While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                    By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                    - ChatGPT on behalf of René Rosendal

                    Location

                    Copenhagen

                    Languages

                    Danish, English, SQL


                    Profession

                    IT Architect

                    Availability

                    Evenings/Weekends


                    Resume

                    Senior IT Architect

                    2022 - present

                    Falck

                    Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                    Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                    Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                    IT Architect

                    2020-2022

                    Forca

                    Solution Architect within a scaled agile setup

                    Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                    Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                    Consultant

                    2018-2020

                    Deloitte

                    Consultant within the areas of business intelligence, automation & architecture

                    Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                    Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                    BI Consultant

                    2016-2018

                    Inspari

                    Business intelligence consultant

                    Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                    Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                    Never Ending Cyber Security

                    During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                    I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                    I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                    I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                    At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                    1. Backup on-prem
                    2. Backup cloud/SaaS
                    3. Restore test
                    4. 3-2-1 backup method
                    5. Ransomware protection
                    6. Redundancy
                    7. DDos protection
                    8. Single point of failure
                    9. Network segregation
                    10. Endpoint security
                    11. Firewall/gateway protection
                    12. Break glass policies/solutions
                    13. IoT security
                    14. Segregartion of duties
                    15. DevSecOps
                    16. Secrets management
                    17. Sql injection protection
                    18. Cross site scripting
                    19. Brute force prevention
                    20. Patch management
                    21. Identity access management
                    22. Privileged access principels
                    23. Network Monitoring Tools (Siem)
                    24. Intrusion Detection Systems
                    25. Cloud access security broker
                    26. DNS filter/URL filtering.
                    27. Honeypot
                    28. Penetration testing
                    29. Physical access security
                    30. VPN when working outsite the organization’s network
                    31. Avoid non-company IT services
                    32. No non-standard software installed on personal PC’s
                    33. Sandboxes for testing/investigating
                    34. E-mail security
                    35. Awareness training
                    36. USB port policies
                    37. Work phone policies
                    38. Data categorization
                    39. No clear text passwords
                    40. Encryption in transit
                    41. Encryption at rest
                    42. Encryption key management
                    43. E-mail encryption
                    44. Disk encryption
                    45. Backup encryption
                    46. Data loss prevention solution
                    47. Zero-trust principle
                    48. Least privilege principle
                    49. Privileged account policies
                    50. Secrets management
                    51. RBAC
                    52. AD security
                    53. Service accounts security policies
                    54. Multi-factor authentication
                    55. Antivirus software
                    56. Incident response

                    Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                    To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                    I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                    In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                    Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                    Improve IT

                    What I Do

                    I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                    • Employee onboarding/offboarding processes
                    • How the employees behave on the behalf of the organization
                    • Security and backup of all the cloud solutions you subscribe to
                    • Emergency procedures

                    They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                    I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                    Assessment
                    I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                    Strategy
                    In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                    Implementation
                    The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                    Ongoing support
                    New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                    How my services will fit you
                    IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                    My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                    And at last, the brutal truth
                    IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                    Text on panel

                    This is text about the IT security review.

                    CONTACT

                    CONTACT ME

                    Phone

                    +45 29 64 65 53

                    E-mail

                    rene@rosendal-hansen.dk

                    Location

                    Copenhagen, Denmark

                    Connect

                    linkedin.com/in/renerosendal/

                    Let's Talk

                      PORTFOLIO

                      PORTFOLIO

                      Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                      FILTERS
                      • All
                      • SEO
                      • Web Design
                      • WordPress
                      Cernantur enim se cernantur illum.

                      PHOTO GALLERY

                      Cernantur enim se cernantur illum.

                      Illum excepteur e domestic sia.

                      VIDEO GALLERY

                      Illum excepteur e domestic sia.

                      Do labore pariatur ut fugiat cupid.

                      AUTOPLAY ON

                      Do labore pariatur ut fugiat cupid.

                      Nisi commodo commodo, voluptate sunt.

                      PHOTO GALLERY

                      Nisi commodo commodo, voluptate sunt.

                      Cillum nescius hic anim cillum.

                      SINGLE PORTFOLIO

                      Cillum nescius hic anim cillum.

                      Cernantur enim se cernantur illum.

                      ANOTHER GALLERY

                      Cernantur enim se cernantur illum.

                      RESUME
                      RESUME

                      EXPERIENCE

                      Senior Developer - Google Inc

                      2010 to present

                      2010

                      Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                      Art Director - Designs Ltd

                      2008-2010

                      2008

                      Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                      Web Designer - Web Agency

                      2005-2008

                      2005

                      Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                      EDUCATION

                      The University of Texas

                      1997-2002

                      1997

                      Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                      Institue of Design

                      1994-1997

                      1994

                      Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                      SKILLS

                      Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                      HTML5
                      75%
                      CSS3
                      65%
                      jQuery
                      50%
                      PHP
                      80%
                      WordPress
                      100%
                      SEO
                      75%
                      Photoshop
                      70%
                      ABOUT ME
                      ABOUT ME

                      About Me

                      I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                      In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                      While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                      By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                      - ChatGPT on behalf of René Rosendal

                      Location

                      Copenhagen

                      Languages

                      Danish, English, SQL


                      Profession

                      IT Architect

                      Availability

                      Evenings/Weekends


                      Resume

                      Senior IT Architect

                      2022 - present

                      Falck

                      Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                      Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                      Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                      IT Architect

                      2020-2022

                      Forca

                      Solution Architect within a scaled agile setup

                      Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                      Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                      Consultant

                      2018-2020

                      Deloitte

                      Consultant within the areas of business intelligence, automation & architecture

                      Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                      Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                      BI Consultant

                      2016-2018

                      Inspari

                      Business intelligence consultant

                      Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                      Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                      Never Ending Cyber Security

                      During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                      I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                      I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                      I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                      At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                      1. Backup on-prem
                      2. Backup cloud/SaaS
                      3. Restore test
                      4. 3-2-1 backup method
                      5. Ransomware protection
                      6. Redundancy
                      7. DDos protection
                      8. Single point of failure
                      9. Network segregation
                      10. Endpoint security
                      11. Firewall/gateway protection
                      12. Break glass policies/solutions
                      13. IoT security
                      14. Segregartion of duties
                      15. DevSecOps
                      16. Secrets management
                      17. Sql injection protection
                      18. Cross site scripting
                      19. Brute force prevention
                      20. Patch management
                      21. Identity access management
                      22. Privileged access principels
                      23. Network Monitoring Tools (Siem)
                      24. Intrusion Detection Systems
                      25. Cloud access security broker
                      26. DNS filter/URL filtering.
                      27. Honeypot
                      28. Penetration testing
                      29. Physical access security
                      30. VPN when working outsite the organization’s network
                      31. Avoid non-company IT services
                      32. No non-standard software installed on personal PC’s
                      33. Sandboxes for testing/investigating
                      34. E-mail security
                      35. Awareness training
                      36. USB port policies
                      37. Work phone policies
                      38. Data categorization
                      39. No clear text passwords
                      40. Encryption in transit
                      41. Encryption at rest
                      42. Encryption key management
                      43. E-mail encryption
                      44. Disk encryption
                      45. Backup encryption
                      46. Data loss prevention solution
                      47. Zero-trust principle
                      48. Least privilege principle
                      49. Privileged account policies
                      50. Secrets management
                      51. RBAC
                      52. AD security
                      53. Service accounts security policies
                      54. Multi-factor authentication
                      55. Antivirus software
                      56. Incident response

                      Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                      To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                      I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                      In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                      Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                      Improve IT

                      What I Do

                      I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                      • Employee onboarding/offboarding processes
                      • How the employees behave on the behalf of the organization
                      • Security and backup of all the cloud solutions you subscribe to
                      • Emergency procedures

                      They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                      I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                      Assessment
                      I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                      Strategy
                      In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                      Implementation
                      The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                      Ongoing support
                      New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                      How my services will fit you
                      IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                      My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                      And at last, the brutal truth
                      IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                      Text on panel

                      This is text about the IT security review.

                      CONTACT

                      CONTACT ME

                      Phone

                      +45 29 64 65 53

                      E-mail

                      rene@rosendal-hansen.dk

                      Location

                      Copenhagen, Denmark

                      Connect

                      linkedin.com/in/renerosendal/

                      Let's Talk

                        PORTFOLIO

                        PORTFOLIO

                        Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                        FILTERS
                        • All
                        • SEO
                        • Web Design
                        • WordPress
                        Cernantur enim se cernantur illum.

                        PHOTO GALLERY

                        Cernantur enim se cernantur illum.

                        Illum excepteur e domestic sia.

                        VIDEO GALLERY

                        Illum excepteur e domestic sia.

                        Do labore pariatur ut fugiat cupid.

                        AUTOPLAY ON

                        Do labore pariatur ut fugiat cupid.

                        Nisi commodo commodo, voluptate sunt.

                        PHOTO GALLERY

                        Nisi commodo commodo, voluptate sunt.

                        Cillum nescius hic anim cillum.

                        SINGLE PORTFOLIO

                        Cillum nescius hic anim cillum.

                        Cernantur enim se cernantur illum.

                        ANOTHER GALLERY

                        Cernantur enim se cernantur illum.

                        RESUME
                        RESUME

                        EXPERIENCE

                        Senior Developer - Google Inc

                        2010 to present

                        2010

                        Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                        Art Director - Designs Ltd

                        2008-2010

                        2008

                        Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                        Web Designer - Web Agency

                        2005-2008

                        2005

                        Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                        EDUCATION

                        The University of Texas

                        1997-2002

                        1997

                        Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                        Institue of Design

                        1994-1997

                        1994

                        Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                        SKILLS

                        Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                        HTML5
                        75%
                        CSS3
                        65%
                        jQuery
                        50%
                        PHP
                        80%
                        WordPress
                        100%
                        SEO
                        75%
                        Photoshop
                        70%
                        ABOUT ME
                        ABOUT ME

                        About Me

                        I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                        In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                        While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                        By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                        - ChatGPT on behalf of René Rosendal

                        Location

                        Copenhagen

                        Languages

                        Danish, English, SQL


                        Profession

                        IT Architect

                        Availability

                        Evenings/Weekends


                        Resume

                        Senior IT Architect

                        2022 - present

                        Falck

                        Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                        Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                        Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                        IT Architect

                        2020-2022

                        Forca

                        Solution Architect within a scaled agile setup

                        Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                        Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                        Consultant

                        2018-2020

                        Deloitte

                        Consultant within the areas of business intelligence, automation & architecture

                        Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                        Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                        BI Consultant

                        2016-2018

                        Inspari

                        Business intelligence consultant

                        Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                        Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                        Never Ending Cyber Security

                        During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                        I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                        I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                        I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                        At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                        1. Backup on-prem
                        2. Backup cloud/SaaS
                        3. Restore test
                        4. 3-2-1 backup method
                        5. Ransomware protection
                        6. Redundancy
                        7. DDos protection
                        8. Single point of failure
                        9. Network segregation
                        10. Endpoint security
                        11. Firewall/gateway protection
                        12. Break glass policies/solutions
                        13. IoT security
                        14. Segregartion of duties
                        15. DevSecOps
                        16. Secrets management
                        17. Sql injection protection
                        18. Cross site scripting
                        19. Brute force prevention
                        20. Patch management
                        21. Identity access management
                        22. Privileged access principels
                        23. Network Monitoring Tools (Siem)
                        24. Intrusion Detection Systems
                        25. Cloud access security broker
                        26. DNS filter/URL filtering.
                        27. Honeypot
                        28. Penetration testing
                        29. Physical access security
                        30. VPN when working outsite the organization’s network
                        31. Avoid non-company IT services
                        32. No non-standard software installed on personal PC’s
                        33. Sandboxes for testing/investigating
                        34. E-mail security
                        35. Awareness training
                        36. USB port policies
                        37. Work phone policies
                        38. Data categorization
                        39. No clear text passwords
                        40. Encryption in transit
                        41. Encryption at rest
                        42. Encryption key management
                        43. E-mail encryption
                        44. Disk encryption
                        45. Backup encryption
                        46. Data loss prevention solution
                        47. Zero-trust principle
                        48. Least privilege principle
                        49. Privileged account policies
                        50. Secrets management
                        51. RBAC
                        52. AD security
                        53. Service accounts security policies
                        54. Multi-factor authentication
                        55. Antivirus software
                        56. Incident response

                        Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                        To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                        I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                        In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                        Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                        Improve IT

                        What I Do

                        I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                        • Employee onboarding/offboarding processes
                        • How the employees behave on the behalf of the organization
                        • Security and backup of all the cloud solutions you subscribe to
                        • Emergency procedures

                        They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                        I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                        Assessment
                        I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                        Strategy
                        In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                        Implementation
                        The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                        Ongoing support
                        New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                        How my services will fit you
                        IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                        My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                        And at last, the brutal truth
                        IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                        Text on panel

                        This is text about the IT security review.

                        CONTACT

                        CONTACT ME

                        Phone

                        +45 29 64 65 53

                        E-mail

                        rene@rosendal-hansen.dk

                        Location

                        Copenhagen, Denmark

                        Connect

                        linkedin.com/in/renerosendal/

                        Let's Talk

                          PORTFOLIO

                          PORTFOLIO

                          Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                          FILTERS
                          • All
                          • SEO
                          • Web Design
                          • WordPress
                          Cernantur enim se cernantur illum.

                          PHOTO GALLERY

                          Cernantur enim se cernantur illum.

                          Illum excepteur e domestic sia.

                          VIDEO GALLERY

                          Illum excepteur e domestic sia.

                          Do labore pariatur ut fugiat cupid.

                          AUTOPLAY ON

                          Do labore pariatur ut fugiat cupid.

                          Nisi commodo commodo, voluptate sunt.

                          PHOTO GALLERY

                          Nisi commodo commodo, voluptate sunt.

                          Cillum nescius hic anim cillum.

                          SINGLE PORTFOLIO

                          Cillum nescius hic anim cillum.

                          Cernantur enim se cernantur illum.

                          ANOTHER GALLERY

                          Cernantur enim se cernantur illum.

                          RESUME
                          RESUME

                          EXPERIENCE

                          Senior Developer - Google Inc

                          2010 to present

                          2010

                          Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                          Art Director - Designs Ltd

                          2008-2010

                          2008

                          Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                          Web Designer - Web Agency

                          2005-2008

                          2005

                          Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                          EDUCATION

                          The University of Texas

                          1997-2002

                          1997

                          Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                          Institue of Design

                          1994-1997

                          1994

                          Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                          SKILLS

                          Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                          HTML5
                          75%
                          CSS3
                          65%
                          jQuery
                          50%
                          PHP
                          80%
                          WordPress
                          100%
                          SEO
                          75%
                          Photoshop
                          70%
                          ABOUT ME
                          ABOUT ME

                          About Me

                          I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                          In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                          While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                          By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                          - ChatGPT on behalf of René Rosendal

                          Location

                          Copenhagen

                          Languages

                          Danish, English, SQL


                          Profession

                          IT Architect

                          Availability

                          Evenings/Weekends


                          Resume

                          Senior IT Architect

                          2022 - present

                          Falck

                          Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                          Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                          Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                          IT Architect

                          2020-2022

                          Forca

                          Solution Architect within a scaled agile setup

                          Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                          Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                          Consultant

                          2018-2020

                          Deloitte

                          Consultant within the areas of business intelligence, automation & architecture

                          Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                          Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                          BI Consultant

                          2016-2018

                          Inspari

                          Business intelligence consultant

                          Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                          Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                          Never Ending Cyber Security

                          During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                          I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                          I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                          I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                          At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                          1. Backup on-prem
                          2. Backup cloud/SaaS
                          3. Restore test
                          4. 3-2-1 backup method
                          5. Ransomware protection
                          6. Redundancy
                          7. DDos protection
                          8. Single point of failure
                          9. Network segregation
                          10. Endpoint security
                          11. Firewall/gateway protection
                          12. Break glass policies/solutions
                          13. IoT security
                          14. Segregartion of duties
                          15. DevSecOps
                          16. Secrets management
                          17. Sql injection protection
                          18. Cross site scripting
                          19. Brute force prevention
                          20. Patch management
                          21. Identity access management
                          22. Privileged access principels
                          23. Network Monitoring Tools (Siem)
                          24. Intrusion Detection Systems
                          25. Cloud access security broker
                          26. DNS filter/URL filtering.
                          27. Honeypot
                          28. Penetration testing
                          29. Physical access security
                          30. VPN when working outsite the organization’s network
                          31. Avoid non-company IT services
                          32. No non-standard software installed on personal PC’s
                          33. Sandboxes for testing/investigating
                          34. E-mail security
                          35. Awareness training
                          36. USB port policies
                          37. Work phone policies
                          38. Data categorization
                          39. No clear text passwords
                          40. Encryption in transit
                          41. Encryption at rest
                          42. Encryption key management
                          43. E-mail encryption
                          44. Disk encryption
                          45. Backup encryption
                          46. Data loss prevention solution
                          47. Zero-trust principle
                          48. Least privilege principle
                          49. Privileged account policies
                          50. Secrets management
                          51. RBAC
                          52. AD security
                          53. Service accounts security policies
                          54. Multi-factor authentication
                          55. Antivirus software
                          56. Incident response

                          Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                          To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                          I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                          In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                          Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                          Improve IT

                          What I Do

                          I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                          • Employee onboarding/offboarding processes
                          • How the employees behave on the behalf of the organization
                          • Security and backup of all the cloud solutions you subscribe to
                          • Emergency procedures

                          They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                          I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                          Assessment
                          I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                          Strategy
                          In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                          Implementation
                          The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                          Ongoing support
                          New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                          How my services will fit you
                          IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                          My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                          And at last, the brutal truth
                          IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                          Text on panel

                          This is text about the IT security review.

                          CONTACT

                          CONTACT ME

                          Phone

                          +45 29 64 65 53

                          E-mail

                          rene@rosendal-hansen.dk

                          Location

                          Copenhagen, Denmark

                          Connect

                          linkedin.com/in/renerosendal/

                          Let's Talk

                            PORTFOLIO

                            PORTFOLIO

                            Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                            FILTERS
                            • All
                            • SEO
                            • Web Design
                            • WordPress
                            Cernantur enim se cernantur illum.

                            PHOTO GALLERY

                            Cernantur enim se cernantur illum.

                            Illum excepteur e domestic sia.

                            VIDEO GALLERY

                            Illum excepteur e domestic sia.

                            Do labore pariatur ut fugiat cupid.

                            AUTOPLAY ON

                            Do labore pariatur ut fugiat cupid.

                            Nisi commodo commodo, voluptate sunt.

                            PHOTO GALLERY

                            Nisi commodo commodo, voluptate sunt.

                            Cillum nescius hic anim cillum.

                            SINGLE PORTFOLIO

                            Cillum nescius hic anim cillum.

                            Cernantur enim se cernantur illum.

                            ANOTHER GALLERY

                            Cernantur enim se cernantur illum.

                            RESUME
                            RESUME

                            EXPERIENCE

                            Senior Developer - Google Inc

                            2010 to present

                            2010

                            Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                            Art Director - Designs Ltd

                            2008-2010

                            2008

                            Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                            Web Designer - Web Agency

                            2005-2008

                            2005

                            Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                            EDUCATION

                            The University of Texas

                            1997-2002

                            1997

                            Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                            Institue of Design

                            1994-1997

                            1994

                            Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                            SKILLS

                            Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                            HTML5
                            75%
                            CSS3
                            65%
                            jQuery
                            50%
                            PHP
                            80%
                            WordPress
                            100%
                            SEO
                            75%
                            Photoshop
                            70%
                            ABOUT ME
                            ABOUT ME

                            About Me

                            I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                            In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                            While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                            By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                            - ChatGPT on behalf of René Rosendal

                            Location

                            Copenhagen

                            Languages

                            Danish, English, SQL


                            Profession

                            IT Architect

                            Availability

                            Evenings/Weekends


                            Resume

                            Senior IT Architect

                            2022 - present

                            Falck

                            Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                            Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                            Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                            IT Architect

                            2020-2022

                            Forca

                            Solution Architect within a scaled agile setup

                            Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                            Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                            Consultant

                            2018-2020

                            Deloitte

                            Consultant within the areas of business intelligence, automation & architecture

                            Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                            Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                            BI Consultant

                            2016-2018

                            Inspari

                            Business intelligence consultant

                            Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                            Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                            Never Ending Cyber Security

                            During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                            I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                            I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                            I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                            At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                            1. Backup on-prem
                            2. Backup cloud/SaaS
                            3. Restore test
                            4. 3-2-1 backup method
                            5. Ransomware protection
                            6. Redundancy
                            7. DDos protection
                            8. Single point of failure
                            9. Network segregation
                            10. Endpoint security
                            11. Firewall/gateway protection
                            12. Break glass policies/solutions
                            13. IoT security
                            14. Segregartion of duties
                            15. DevSecOps
                            16. Secrets management
                            17. Sql injection protection
                            18. Cross site scripting
                            19. Brute force prevention
                            20. Patch management
                            21. Identity access management
                            22. Privileged access principels
                            23. Network Monitoring Tools (Siem)
                            24. Intrusion Detection Systems
                            25. Cloud access security broker
                            26. DNS filter/URL filtering.
                            27. Honeypot
                            28. Penetration testing
                            29. Physical access security
                            30. VPN when working outsite the organization’s network
                            31. Avoid non-company IT services
                            32. No non-standard software installed on personal PC’s
                            33. Sandboxes for testing/investigating
                            34. E-mail security
                            35. Awareness training
                            36. USB port policies
                            37. Work phone policies
                            38. Data categorization
                            39. No clear text passwords
                            40. Encryption in transit
                            41. Encryption at rest
                            42. Encryption key management
                            43. E-mail encryption
                            44. Disk encryption
                            45. Backup encryption
                            46. Data loss prevention solution
                            47. Zero-trust principle
                            48. Least privilege principle
                            49. Privileged account policies
                            50. Secrets management
                            51. RBAC
                            52. AD security
                            53. Service accounts security policies
                            54. Multi-factor authentication
                            55. Antivirus software
                            56. Incident response

                            Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                            To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                            I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                            In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                            Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                            Improve IT

                            What I Do

                            I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                            • Employee onboarding/offboarding processes
                            • How the employees behave on the behalf of the organization
                            • Security and backup of all the cloud solutions you subscribe to
                            • Emergency procedures

                            They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                            I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                            Assessment
                            I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                            Strategy
                            In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                            Implementation
                            The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                            Ongoing support
                            New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                            How my services will fit you
                            IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                            My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                            And at last, the brutal truth
                            IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                            Text on panel

                            This is text about the IT security review.

                            CONTACT

                            CONTACT ME

                            Phone

                            +45 29 64 65 53

                            E-mail

                            rene@rosendal-hansen.dk

                            Location

                            Copenhagen, Denmark

                            Connect

                            linkedin.com/in/renerosendal/

                            Let's Talk

                              PORTFOLIO

                              PORTFOLIO

                              Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                              FILTERS
                              • All
                              • SEO
                              • Web Design
                              • WordPress
                              Cernantur enim se cernantur illum.

                              PHOTO GALLERY

                              Cernantur enim se cernantur illum.

                              Illum excepteur e domestic sia.

                              VIDEO GALLERY

                              Illum excepteur e domestic sia.

                              Do labore pariatur ut fugiat cupid.

                              AUTOPLAY ON

                              Do labore pariatur ut fugiat cupid.

                              Nisi commodo commodo, voluptate sunt.

                              PHOTO GALLERY

                              Nisi commodo commodo, voluptate sunt.

                              Cillum nescius hic anim cillum.

                              SINGLE PORTFOLIO

                              Cillum nescius hic anim cillum.

                              Cernantur enim se cernantur illum.

                              ANOTHER GALLERY

                              Cernantur enim se cernantur illum.

                              RESUME
                              RESUME

                              EXPERIENCE

                              Senior Developer - Google Inc

                              2010 to present

                              2010

                              Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                              Art Director - Designs Ltd

                              2008-2010

                              2008

                              Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                              Web Designer - Web Agency

                              2005-2008

                              2005

                              Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                              EDUCATION

                              The University of Texas

                              1997-2002

                              1997

                              Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                              Institue of Design

                              1994-1997

                              1994

                              Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                              SKILLS

                              Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                              HTML5
                              75%
                              CSS3
                              65%
                              jQuery
                              50%
                              PHP
                              80%
                              WordPress
                              100%
                              SEO
                              75%
                              Photoshop
                              70%
                              ABOUT ME
                              ABOUT ME

                              About Me

                              I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                              In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                              While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                              By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                              - ChatGPT on behalf of René Rosendal

                              Location

                              Copenhagen

                              Languages

                              Danish, English, SQL


                              Profession

                              IT Architect

                              Availability

                              Evenings/Weekends


                              Resume

                              Senior IT Architect

                              2022 - present

                              Falck

                              Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                              Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                              Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                              IT Architect

                              2020-2022

                              Forca

                              Solution Architect within a scaled agile setup

                              Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                              Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                              Consultant

                              2018-2020

                              Deloitte

                              Consultant within the areas of business intelligence, automation & architecture

                              Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                              Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                              BI Consultant

                              2016-2018

                              Inspari

                              Business intelligence consultant

                              Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                              Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                              Never Ending Cyber Security

                              During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                              I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                              I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                              I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                              At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                              1. Backup on-prem
                              2. Backup cloud/SaaS
                              3. Restore test
                              4. 3-2-1 backup method
                              5. Ransomware protection
                              6. Redundancy
                              7. DDos protection
                              8. Single point of failure
                              9. Network segregation
                              10. Endpoint security
                              11. Firewall/gateway protection
                              12. Break glass policies/solutions
                              13. IoT security
                              14. Segregartion of duties
                              15. DevSecOps
                              16. Secrets management
                              17. Sql injection protection
                              18. Cross site scripting
                              19. Brute force prevention
                              20. Patch management
                              21. Identity access management
                              22. Privileged access principels
                              23. Network Monitoring Tools (Siem)
                              24. Intrusion Detection Systems
                              25. Cloud access security broker
                              26. DNS filter/URL filtering.
                              27. Honeypot
                              28. Penetration testing
                              29. Physical access security
                              30. VPN when working outsite the organization’s network
                              31. Avoid non-company IT services
                              32. No non-standard software installed on personal PC’s
                              33. Sandboxes for testing/investigating
                              34. E-mail security
                              35. Awareness training
                              36. USB port policies
                              37. Work phone policies
                              38. Data categorization
                              39. No clear text passwords
                              40. Encryption in transit
                              41. Encryption at rest
                              42. Encryption key management
                              43. E-mail encryption
                              44. Disk encryption
                              45. Backup encryption
                              46. Data loss prevention solution
                              47. Zero-trust principle
                              48. Least privilege principle
                              49. Privileged account policies
                              50. Secrets management
                              51. RBAC
                              52. AD security
                              53. Service accounts security policies
                              54. Multi-factor authentication
                              55. Antivirus software
                              56. Incident response

                              Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                              To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                              I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                              In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                              Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                              Improve IT

                              What I Do

                              I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                              • Employee onboarding/offboarding processes
                              • How the employees behave on the behalf of the organization
                              • Security and backup of all the cloud solutions you subscribe to
                              • Emergency procedures

                              They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                              I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                              Assessment
                              I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                              Strategy
                              In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                              Implementation
                              The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                              Ongoing support
                              New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                              How my services will fit you
                              IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                              My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                              And at last, the brutal truth
                              IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                              Text on panel

                              This is text about the IT security review.

                              CONTACT

                              CONTACT ME

                              Phone

                              +45 29 64 65 53

                              E-mail

                              rene@rosendal-hansen.dk

                              Location

                              Copenhagen, Denmark

                              Connect

                              linkedin.com/in/renerosendal/

                              Let's Talk

                                PORTFOLIO

                                PORTFOLIO

                                Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                                FILTERS
                                • All
                                • SEO
                                • Web Design
                                • WordPress
                                Cernantur enim se cernantur illum.

                                PHOTO GALLERY

                                Cernantur enim se cernantur illum.

                                Illum excepteur e domestic sia.

                                VIDEO GALLERY

                                Illum excepteur e domestic sia.

                                Do labore pariatur ut fugiat cupid.

                                AUTOPLAY ON

                                Do labore pariatur ut fugiat cupid.

                                Nisi commodo commodo, voluptate sunt.

                                PHOTO GALLERY

                                Nisi commodo commodo, voluptate sunt.

                                Cillum nescius hic anim cillum.

                                SINGLE PORTFOLIO

                                Cillum nescius hic anim cillum.

                                Cernantur enim se cernantur illum.

                                ANOTHER GALLERY

                                Cernantur enim se cernantur illum.

                                RESUME
                                RESUME

                                EXPERIENCE

                                Senior Developer - Google Inc

                                2010 to present

                                2010

                                Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                                Art Director - Designs Ltd

                                2008-2010

                                2008

                                Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                                Web Designer - Web Agency

                                2005-2008

                                2005

                                Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                                EDUCATION

                                The University of Texas

                                1997-2002

                                1997

                                Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                                Institue of Design

                                1994-1997

                                1994

                                Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                                SKILLS

                                Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                                HTML5
                                75%
                                CSS3
                                65%
                                jQuery
                                50%
                                PHP
                                80%
                                WordPress
                                100%
                                SEO
                                75%
                                Photoshop
                                70%
                                ABOUT ME
                                ABOUT ME

                                About Me

                                I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                                In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                                While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                                By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                                - ChatGPT on behalf of René Rosendal

                                Location

                                Copenhagen

                                Languages

                                Danish, English, SQL


                                Profession

                                IT Architect

                                Availability

                                Evenings/Weekends


                                Resume

                                Senior IT Architect

                                2022 - present

                                Falck

                                Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                                Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                                Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                                IT Architect

                                2020-2022

                                Forca

                                Solution Architect within a scaled agile setup

                                Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                                Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                                Consultant

                                2018-2020

                                Deloitte

                                Consultant within the areas of business intelligence, automation & architecture

                                Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                                Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                                BI Consultant

                                2016-2018

                                Inspari

                                Business intelligence consultant

                                Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                                Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                                Never Ending Cyber Security

                                During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                                I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                                I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                                I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                                At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                                1. Backup on-prem
                                2. Backup cloud/SaaS
                                3. Restore test
                                4. 3-2-1 backup method
                                5. Ransomware protection
                                6. Redundancy
                                7. DDos protection
                                8. Single point of failure
                                9. Network segregation
                                10. Endpoint security
                                11. Firewall/gateway protection
                                12. Break glass policies/solutions
                                13. IoT security
                                14. Segregartion of duties
                                15. DevSecOps
                                16. Secrets management
                                17. Sql injection protection
                                18. Cross site scripting
                                19. Brute force prevention
                                20. Patch management
                                21. Identity access management
                                22. Privileged access principels
                                23. Network Monitoring Tools (Siem)
                                24. Intrusion Detection Systems
                                25. Cloud access security broker
                                26. DNS filter/URL filtering.
                                27. Honeypot
                                28. Penetration testing
                                29. Physical access security
                                30. VPN when working outsite the organization’s network
                                31. Avoid non-company IT services
                                32. No non-standard software installed on personal PC’s
                                33. Sandboxes for testing/investigating
                                34. E-mail security
                                35. Awareness training
                                36. USB port policies
                                37. Work phone policies
                                38. Data categorization
                                39. No clear text passwords
                                40. Encryption in transit
                                41. Encryption at rest
                                42. Encryption key management
                                43. E-mail encryption
                                44. Disk encryption
                                45. Backup encryption
                                46. Data loss prevention solution
                                47. Zero-trust principle
                                48. Least privilege principle
                                49. Privileged account policies
                                50. Secrets management
                                51. RBAC
                                52. AD security
                                53. Service accounts security policies
                                54. Multi-factor authentication
                                55. Antivirus software
                                56. Incident response

                                Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                                To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                                I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                                In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                                Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                                Improve IT

                                What I Do

                                I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                                • Employee onboarding/offboarding processes
                                • How the employees behave on the behalf of the organization
                                • Security and backup of all the cloud solutions you subscribe to
                                • Emergency procedures

                                They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                                I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                                Assessment
                                I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                                Strategy
                                In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                                Implementation
                                The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                                Ongoing support
                                New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                                How my services will fit you
                                IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                                My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                                And at last, the brutal truth
                                IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                                Text on panel

                                This is text about the IT security review.

                                CONTACT

                                CONTACT ME

                                Phone

                                +45 29 64 65 53

                                E-mail

                                rene@rosendal-hansen.dk

                                Location

                                Copenhagen, Denmark

                                Connect

                                linkedin.com/in/renerosendal/

                                Let's Talk

                                  PORTFOLIO

                                  PORTFOLIO

                                  Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                                  FILTERS
                                  • All
                                  • SEO
                                  • Web Design
                                  • WordPress
                                  Cernantur enim se cernantur illum.

                                  PHOTO GALLERY

                                  Cernantur enim se cernantur illum.

                                  Illum excepteur e domestic sia.

                                  VIDEO GALLERY

                                  Illum excepteur e domestic sia.

                                  Do labore pariatur ut fugiat cupid.

                                  AUTOPLAY ON

                                  Do labore pariatur ut fugiat cupid.

                                  Nisi commodo commodo, voluptate sunt.

                                  PHOTO GALLERY

                                  Nisi commodo commodo, voluptate sunt.

                                  Cillum nescius hic anim cillum.

                                  SINGLE PORTFOLIO

                                  Cillum nescius hic anim cillum.

                                  Cernantur enim se cernantur illum.

                                  ANOTHER GALLERY

                                  Cernantur enim se cernantur illum.

                                  RESUME
                                  RESUME

                                  EXPERIENCE

                                  Senior Developer - Google Inc

                                  2010 to present

                                  2010

                                  Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                                  Art Director - Designs Ltd

                                  2008-2010

                                  2008

                                  Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                                  Web Designer - Web Agency

                                  2005-2008

                                  2005

                                  Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                                  EDUCATION

                                  The University of Texas

                                  1997-2002

                                  1997

                                  Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                                  Institue of Design

                                  1994-1997

                                  1994

                                  Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                                  SKILLS

                                  Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                                  HTML5
                                  75%
                                  CSS3
                                  65%
                                  jQuery
                                  50%
                                  PHP
                                  80%
                                  WordPress
                                  100%
                                  SEO
                                  75%
                                  Photoshop
                                  70%
                                  ABOUT ME
                                  ABOUT ME

                                  About Me

                                  I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                                  In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                                  While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                                  By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                                  - ChatGPT on behalf of René Rosendal

                                  Location

                                  Copenhagen

                                  Languages

                                  Danish, English, SQL


                                  Profession

                                  IT Architect

                                  Availability

                                  Evenings/Weekends


                                  Resume

                                  Senior IT Architect

                                  2022 - present

                                  Falck

                                  Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                                  Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                                  Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                                  IT Architect

                                  2020-2022

                                  Forca

                                  Solution Architect within a scaled agile setup

                                  Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                                  Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                                  Consultant

                                  2018-2020

                                  Deloitte

                                  Consultant within the areas of business intelligence, automation & architecture

                                  Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                                  Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                                  BI Consultant

                                  2016-2018

                                  Inspari

                                  Business intelligence consultant

                                  Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                                  Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                                  Never Ending Cyber Security

                                  During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                                  I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                                  I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                                  I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                                  At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                                  1. Backup on-prem
                                  2. Backup cloud/SaaS
                                  3. Restore test
                                  4. 3-2-1 backup method
                                  5. Ransomware protection
                                  6. Redundancy
                                  7. DDos protection
                                  8. Single point of failure
                                  9. Network segregation
                                  10. Endpoint security
                                  11. Firewall/gateway protection
                                  12. Break glass policies/solutions
                                  13. IoT security
                                  14. Segregartion of duties
                                  15. DevSecOps
                                  16. Secrets management
                                  17. Sql injection protection
                                  18. Cross site scripting
                                  19. Brute force prevention
                                  20. Patch management
                                  21. Identity access management
                                  22. Privileged access principels
                                  23. Network Monitoring Tools (Siem)
                                  24. Intrusion Detection Systems
                                  25. Cloud access security broker
                                  26. DNS filter/URL filtering.
                                  27. Honeypot
                                  28. Penetration testing
                                  29. Physical access security
                                  30. VPN when working outsite the organization’s network
                                  31. Avoid non-company IT services
                                  32. No non-standard software installed on personal PC’s
                                  33. Sandboxes for testing/investigating
                                  34. E-mail security
                                  35. Awareness training
                                  36. USB port policies
                                  37. Work phone policies
                                  38. Data categorization
                                  39. No clear text passwords
                                  40. Encryption in transit
                                  41. Encryption at rest
                                  42. Encryption key management
                                  43. E-mail encryption
                                  44. Disk encryption
                                  45. Backup encryption
                                  46. Data loss prevention solution
                                  47. Zero-trust principle
                                  48. Least privilege principle
                                  49. Privileged account policies
                                  50. Secrets management
                                  51. RBAC
                                  52. AD security
                                  53. Service accounts security policies
                                  54. Multi-factor authentication
                                  55. Antivirus software
                                  56. Incident response

                                  Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                                  To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                                  I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                                  In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                                  Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                                  Improve IT

                                  What I Do

                                  I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                                  • Employee onboarding/offboarding processes
                                  • How the employees behave on the behalf of the organization
                                  • Security and backup of all the cloud solutions you subscribe to
                                  • Emergency procedures

                                  They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                                  I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                                  Assessment
                                  I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                                  Strategy
                                  In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                                  Implementation
                                  The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                                  Ongoing support
                                  New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                                  How my services will fit you
                                  IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                                  My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                                  And at last, the brutal truth
                                  IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                                  Text on panel

                                  This is text about the IT security review.

                                  CONTACT

                                  CONTACT ME

                                  Phone

                                  +45 29 64 65 53

                                  E-mail

                                  rene@rosendal-hansen.dk

                                  Location

                                  Copenhagen, Denmark

                                  Connect

                                  linkedin.com/in/renerosendal/

                                  Let's Talk

                                    PORTFOLIO

                                    PORTFOLIO

                                    Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                                    FILTERS
                                    • All
                                    • SEO
                                    • Web Design
                                    • WordPress
                                    Cernantur enim se cernantur illum.

                                    PHOTO GALLERY

                                    Cernantur enim se cernantur illum.

                                    Illum excepteur e domestic sia.

                                    VIDEO GALLERY

                                    Illum excepteur e domestic sia.

                                    Do labore pariatur ut fugiat cupid.

                                    AUTOPLAY ON

                                    Do labore pariatur ut fugiat cupid.

                                    Nisi commodo commodo, voluptate sunt.

                                    PHOTO GALLERY

                                    Nisi commodo commodo, voluptate sunt.

                                    Cillum nescius hic anim cillum.

                                    SINGLE PORTFOLIO

                                    Cillum nescius hic anim cillum.

                                    Cernantur enim se cernantur illum.

                                    ANOTHER GALLERY

                                    Cernantur enim se cernantur illum.

                                    RESUME
                                    RESUME

                                    EXPERIENCE

                                    Senior Developer - Google Inc

                                    2010 to present

                                    2010

                                    Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                                    Art Director - Designs Ltd

                                    2008-2010

                                    2008

                                    Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                                    Web Designer - Web Agency

                                    2005-2008

                                    2005

                                    Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                                    EDUCATION

                                    The University of Texas

                                    1997-2002

                                    1997

                                    Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                                    Institue of Design

                                    1994-1997

                                    1994

                                    Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                                    SKILLS

                                    Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                                    HTML5
                                    75%
                                    CSS3
                                    65%
                                    jQuery
                                    50%
                                    PHP
                                    80%
                                    WordPress
                                    100%
                                    SEO
                                    75%
                                    Photoshop
                                    70%
                                    ABOUT ME
                                    ABOUT ME

                                    About Me

                                    I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                                    In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                                    While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                                    By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                                    - ChatGPT on behalf of René Rosendal

                                    Location

                                    Copenhagen

                                    Languages

                                    Danish, English, SQL


                                    Profession

                                    IT Architect

                                    Availability

                                    Evenings/Weekends


                                    Resume

                                    Senior IT Architect

                                    2022 - present

                                    Falck

                                    Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                                    Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                                    Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                                    IT Architect

                                    2020-2022

                                    Forca

                                    Solution Architect within a scaled agile setup

                                    Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                                    Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                                    Consultant

                                    2018-2020

                                    Deloitte

                                    Consultant within the areas of business intelligence, automation & architecture

                                    Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                                    Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                                    BI Consultant

                                    2016-2018

                                    Inspari

                                    Business intelligence consultant

                                    Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                                    Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                                    Never Ending Cyber Security

                                    During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                                    I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                                    I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                                    I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                                    At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                                    1. Backup on-prem
                                    2. Backup cloud/SaaS
                                    3. Restore test
                                    4. 3-2-1 backup method
                                    5. Ransomware protection
                                    6. Redundancy
                                    7. DDos protection
                                    8. Single point of failure
                                    9. Network segregation
                                    10. Endpoint security
                                    11. Firewall/gateway protection
                                    12. Break glass policies/solutions
                                    13. IoT security
                                    14. Segregartion of duties
                                    15. DevSecOps
                                    16. Secrets management
                                    17. Sql injection protection
                                    18. Cross site scripting
                                    19. Brute force prevention
                                    20. Patch management
                                    21. Identity access management
                                    22. Privileged access principels
                                    23. Network Monitoring Tools (Siem)
                                    24. Intrusion Detection Systems
                                    25. Cloud access security broker
                                    26. DNS filter/URL filtering.
                                    27. Honeypot
                                    28. Penetration testing
                                    29. Physical access security
                                    30. VPN when working outsite the organization’s network
                                    31. Avoid non-company IT services
                                    32. No non-standard software installed on personal PC’s
                                    33. Sandboxes for testing/investigating
                                    34. E-mail security
                                    35. Awareness training
                                    36. USB port policies
                                    37. Work phone policies
                                    38. Data categorization
                                    39. No clear text passwords
                                    40. Encryption in transit
                                    41. Encryption at rest
                                    42. Encryption key management
                                    43. E-mail encryption
                                    44. Disk encryption
                                    45. Backup encryption
                                    46. Data loss prevention solution
                                    47. Zero-trust principle
                                    48. Least privilege principle
                                    49. Privileged account policies
                                    50. Secrets management
                                    51. RBAC
                                    52. AD security
                                    53. Service accounts security policies
                                    54. Multi-factor authentication
                                    55. Antivirus software
                                    56. Incident response

                                    Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                                    To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                                    I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                                    In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                                    Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                                    Improve IT

                                    What I Do

                                    I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                                    • Employee onboarding/offboarding processes
                                    • How the employees behave on the behalf of the organization
                                    • Security and backup of all the cloud solutions you subscribe to
                                    • Emergency procedures

                                    They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                                    I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                                    Assessment
                                    I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                                    Strategy
                                    In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                                    Implementation
                                    The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                                    Ongoing support
                                    New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                                    How my services will fit you
                                    IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                                    My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                                    And at last, the brutal truth
                                    IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                                    Text on panel

                                    This is text about the IT security review.

                                    CONTACT

                                    CONTACT ME

                                    Phone

                                    +45 29 64 65 53

                                    E-mail

                                    rene@rosendal-hansen.dk

                                    Location

                                    Copenhagen, Denmark

                                    Connect

                                    linkedin.com/in/renerosendal/

                                    Let's Talk

                                      PORTFOLIO

                                      PORTFOLIO

                                      Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                                      FILTERS
                                      • All
                                      • SEO
                                      • Web Design
                                      • WordPress
                                      Cernantur enim se cernantur illum.

                                      PHOTO GALLERY

                                      Cernantur enim se cernantur illum.

                                      Illum excepteur e domestic sia.

                                      VIDEO GALLERY

                                      Illum excepteur e domestic sia.

                                      Do labore pariatur ut fugiat cupid.

                                      AUTOPLAY ON

                                      Do labore pariatur ut fugiat cupid.

                                      Nisi commodo commodo, voluptate sunt.

                                      PHOTO GALLERY

                                      Nisi commodo commodo, voluptate sunt.

                                      Cillum nescius hic anim cillum.

                                      SINGLE PORTFOLIO

                                      Cillum nescius hic anim cillum.

                                      Cernantur enim se cernantur illum.

                                      ANOTHER GALLERY

                                      Cernantur enim se cernantur illum.

                                      RESUME
                                      RESUME

                                      EXPERIENCE

                                      Senior Developer - Google Inc

                                      2010 to present

                                      2010

                                      Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                                      Art Director - Designs Ltd

                                      2008-2010

                                      2008

                                      Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                                      Web Designer - Web Agency

                                      2005-2008

                                      2005

                                      Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                                      EDUCATION

                                      The University of Texas

                                      1997-2002

                                      1997

                                      Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                                      Institue of Design

                                      1994-1997

                                      1994

                                      Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                                      SKILLS

                                      Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                                      HTML5
                                      75%
                                      CSS3
                                      65%
                                      jQuery
                                      50%
                                      PHP
                                      80%
                                      WordPress
                                      100%
                                      SEO
                                      75%
                                      Photoshop
                                      70%
                                      ABOUT ME
                                      ABOUT ME

                                      About Me

                                      I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                                      In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                                      While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                                      By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                                      - ChatGPT on behalf of René Rosendal

                                      Location

                                      Copenhagen

                                      Languages

                                      Danish, English, SQL


                                      Profession

                                      IT Architect

                                      Availability

                                      Evenings/Weekends


                                      Resume

                                      Senior IT Architect

                                      2022 - present

                                      Falck

                                      Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                                      Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                                      Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                                      IT Architect

                                      2020-2022

                                      Forca

                                      Solution Architect within a scaled agile setup

                                      Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                                      Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                                      Consultant

                                      2018-2020

                                      Deloitte

                                      Consultant within the areas of business intelligence, automation & architecture

                                      Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                                      Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                                      BI Consultant

                                      2016-2018

                                      Inspari

                                      Business intelligence consultant

                                      Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                                      Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                                      Never Ending Cyber Security

                                      During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                                      I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                                      I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                                      I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                                      At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                                      1. Backup on-prem
                                      2. Backup cloud/SaaS
                                      3. Restore test
                                      4. 3-2-1 backup method
                                      5. Ransomware protection
                                      6. Redundancy
                                      7. DDos protection
                                      8. Single point of failure
                                      9. Network segregation
                                      10. Endpoint security
                                      11. Firewall/gateway protection
                                      12. Break glass policies/solutions
                                      13. IoT security
                                      14. Segregartion of duties
                                      15. DevSecOps
                                      16. Secrets management
                                      17. Sql injection protection
                                      18. Cross site scripting
                                      19. Brute force prevention
                                      20. Patch management
                                      21. Identity access management
                                      22. Privileged access principels
                                      23. Network Monitoring Tools (Siem)
                                      24. Intrusion Detection Systems
                                      25. Cloud access security broker
                                      26. DNS filter/URL filtering.
                                      27. Honeypot
                                      28. Penetration testing
                                      29. Physical access security
                                      30. VPN when working outsite the organization’s network
                                      31. Avoid non-company IT services
                                      32. No non-standard software installed on personal PC’s
                                      33. Sandboxes for testing/investigating
                                      34. E-mail security
                                      35. Awareness training
                                      36. USB port policies
                                      37. Work phone policies
                                      38. Data categorization
                                      39. No clear text passwords
                                      40. Encryption in transit
                                      41. Encryption at rest
                                      42. Encryption key management
                                      43. E-mail encryption
                                      44. Disk encryption
                                      45. Backup encryption
                                      46. Data loss prevention solution
                                      47. Zero-trust principle
                                      48. Least privilege principle
                                      49. Privileged account policies
                                      50. Secrets management
                                      51. RBAC
                                      52. AD security
                                      53. Service accounts security policies
                                      54. Multi-factor authentication
                                      55. Antivirus software
                                      56. Incident response

                                      Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                                      To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                                      I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                                      In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                                      Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                                      Improve IT

                                      What I Do

                                      I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                                      • Employee onboarding/offboarding processes
                                      • How the employees behave on the behalf of the organization
                                      • Security and backup of all the cloud solutions you subscribe to
                                      • Emergency procedures

                                      They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                                      I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                                      Assessment
                                      I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                                      Strategy
                                      In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                                      Implementation
                                      The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                                      Ongoing support
                                      New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                                      How my services will fit you
                                      IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                                      My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                                      And at last, the brutal truth
                                      IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                                      Text on panel

                                      This is text about the IT security review.

                                      CONTACT

                                      CONTACT ME

                                      Phone

                                      +45 29 64 65 53

                                      E-mail

                                      rene@rosendal-hansen.dk

                                      Location

                                      Copenhagen, Denmark

                                      Connect

                                      linkedin.com/in/renerosendal/

                                      Let's Talk

                                        PORTFOLIO

                                        PORTFOLIO

                                        Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                                        FILTERS
                                        • All
                                        • SEO
                                        • Web Design
                                        • WordPress
                                        Cernantur enim se cernantur illum.

                                        PHOTO GALLERY

                                        Cernantur enim se cernantur illum.

                                        Illum excepteur e domestic sia.

                                        VIDEO GALLERY

                                        Illum excepteur e domestic sia.

                                        Do labore pariatur ut fugiat cupid.

                                        AUTOPLAY ON

                                        Do labore pariatur ut fugiat cupid.

                                        Nisi commodo commodo, voluptate sunt.

                                        PHOTO GALLERY

                                        Nisi commodo commodo, voluptate sunt.

                                        Cillum nescius hic anim cillum.

                                        SINGLE PORTFOLIO

                                        Cillum nescius hic anim cillum.

                                        Cernantur enim se cernantur illum.

                                        ANOTHER GALLERY

                                        Cernantur enim se cernantur illum.

                                        RESUME
                                        RESUME

                                        EXPERIENCE

                                        Senior Developer - Google Inc

                                        2010 to present

                                        2010

                                        Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                                        Art Director - Designs Ltd

                                        2008-2010

                                        2008

                                        Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                                        Web Designer - Web Agency

                                        2005-2008

                                        2005

                                        Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                                        EDUCATION

                                        The University of Texas

                                        1997-2002

                                        1997

                                        Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                                        Institue of Design

                                        1994-1997

                                        1994

                                        Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                                        SKILLS

                                        Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                                        HTML5
                                        75%
                                        CSS3
                                        65%
                                        jQuery
                                        50%
                                        PHP
                                        80%
                                        WordPress
                                        100%
                                        SEO
                                        75%
                                        Photoshop
                                        70%
                                        ABOUT ME
                                        ABOUT ME

                                        About Me

                                        I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                                        In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                                        While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                                        By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                                        - ChatGPT on behalf of René Rosendal

                                        Location

                                        Copenhagen

                                        Languages

                                        Danish, English, SQL


                                        Profession

                                        IT Architect

                                        Availability

                                        Evenings/Weekends


                                        Resume

                                        Senior IT Architect

                                        2022 - present

                                        Falck

                                        Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                                        Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                                        Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                                        IT Architect

                                        2020-2022

                                        Forca

                                        Solution Architect within a scaled agile setup

                                        Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                                        Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                                        Consultant

                                        2018-2020

                                        Deloitte

                                        Consultant within the areas of business intelligence, automation & architecture

                                        Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                                        Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                                        BI Consultant

                                        2016-2018

                                        Inspari

                                        Business intelligence consultant

                                        Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                                        Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                                        Never Ending Cyber Security

                                        During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                                        I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                                        I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                                        I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                                        At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                                        1. Backup on-prem
                                        2. Backup cloud/SaaS
                                        3. Restore test
                                        4. 3-2-1 backup method
                                        5. Ransomware protection
                                        6. Redundancy
                                        7. DDos protection
                                        8. Single point of failure
                                        9. Network segregation
                                        10. Endpoint security
                                        11. Firewall/gateway protection
                                        12. Break glass policies/solutions
                                        13. IoT security
                                        14. Segregartion of duties
                                        15. DevSecOps
                                        16. Secrets management
                                        17. Sql injection protection
                                        18. Cross site scripting
                                        19. Brute force prevention
                                        20. Patch management
                                        21. Identity access management
                                        22. Privileged access principels
                                        23. Network Monitoring Tools (Siem)
                                        24. Intrusion Detection Systems
                                        25. Cloud access security broker
                                        26. DNS filter/URL filtering.
                                        27. Honeypot
                                        28. Penetration testing
                                        29. Physical access security
                                        30. VPN when working outsite the organization’s network
                                        31. Avoid non-company IT services
                                        32. No non-standard software installed on personal PC’s
                                        33. Sandboxes for testing/investigating
                                        34. E-mail security
                                        35. Awareness training
                                        36. USB port policies
                                        37. Work phone policies
                                        38. Data categorization
                                        39. No clear text passwords
                                        40. Encryption in transit
                                        41. Encryption at rest
                                        42. Encryption key management
                                        43. E-mail encryption
                                        44. Disk encryption
                                        45. Backup encryption
                                        46. Data loss prevention solution
                                        47. Zero-trust principle
                                        48. Least privilege principle
                                        49. Privileged account policies
                                        50. Secrets management
                                        51. RBAC
                                        52. AD security
                                        53. Service accounts security policies
                                        54. Multi-factor authentication
                                        55. Antivirus software
                                        56. Incident response

                                        Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                                        To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                                        I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                                        In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                                        Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                                        Improve IT

                                        What I Do

                                        I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                                        • Employee onboarding/offboarding processes
                                        • How the employees behave on the behalf of the organization
                                        • Security and backup of all the cloud solutions you subscribe to
                                        • Emergency procedures

                                        They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                                        I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                                        Assessment
                                        I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                                        Strategy
                                        In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                                        Implementation
                                        The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                                        Ongoing support
                                        New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                                        How my services will fit you
                                        IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                                        My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                                        And at last, the brutal truth
                                        IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                                        Text on panel

                                        This is text about the IT security review.

                                        CONTACT

                                        CONTACT ME

                                        Phone

                                        +45 29 64 65 53

                                        E-mail

                                        rene@rosendal-hansen.dk

                                        Location

                                        Copenhagen, Denmark

                                        Connect

                                        linkedin.com/in/renerosendal/

                                        Let's Talk

                                          PORTFOLIO

                                          PORTFOLIO

                                          Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                                          FILTERS
                                          • All
                                          • SEO
                                          • Web Design
                                          • WordPress
                                          Cernantur enim se cernantur illum.

                                          PHOTO GALLERY

                                          Cernantur enim se cernantur illum.

                                          Illum excepteur e domestic sia.

                                          VIDEO GALLERY

                                          Illum excepteur e domestic sia.

                                          Do labore pariatur ut fugiat cupid.

                                          AUTOPLAY ON

                                          Do labore pariatur ut fugiat cupid.

                                          Nisi commodo commodo, voluptate sunt.

                                          PHOTO GALLERY

                                          Nisi commodo commodo, voluptate sunt.

                                          Cillum nescius hic anim cillum.

                                          SINGLE PORTFOLIO

                                          Cillum nescius hic anim cillum.

                                          Cernantur enim se cernantur illum.

                                          ANOTHER GALLERY

                                          Cernantur enim se cernantur illum.

                                          RESUME
                                          RESUME

                                          EXPERIENCE

                                          Senior Developer - Google Inc

                                          2010 to present

                                          2010

                                          Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                                          Art Director - Designs Ltd

                                          2008-2010

                                          2008

                                          Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                                          Web Designer - Web Agency

                                          2005-2008

                                          2005

                                          Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                                          EDUCATION

                                          The University of Texas

                                          1997-2002

                                          1997

                                          Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                                          Institue of Design

                                          1994-1997

                                          1994

                                          Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                                          SKILLS

                                          Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                                          HTML5
                                          75%
                                          CSS3
                                          65%
                                          jQuery
                                          50%
                                          PHP
                                          80%
                                          WordPress
                                          100%
                                          SEO
                                          75%
                                          Photoshop
                                          70%
                                          ABOUT ME
                                          ABOUT ME

                                          About Me

                                          I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                                          In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                                          While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                                          By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                                          - ChatGPT on behalf of René Rosendal

                                          Location

                                          Copenhagen

                                          Languages

                                          Danish, English, SQL


                                          Profession

                                          IT Architect

                                          Availability

                                          Evenings/Weekends


                                          Resume

                                          Senior IT Architect

                                          2022 - present

                                          Falck

                                          Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                                          Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                                          Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                                          IT Architect

                                          2020-2022

                                          Forca

                                          Solution Architect within a scaled agile setup

                                          Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                                          Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                                          Consultant

                                          2018-2020

                                          Deloitte

                                          Consultant within the areas of business intelligence, automation & architecture

                                          Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                                          Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                                          BI Consultant

                                          2016-2018

                                          Inspari

                                          Business intelligence consultant

                                          Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                                          Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                                          Never Ending Cyber Security

                                          During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                                          I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                                          I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                                          I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fines, and leaders can be held personal responsible. That is scary cyber security stuff.

                                          At least I have a checklist now, and I believe that I will add more items, when they come across my mind. Separating them into categories may also help me define which security measures are relevant for which projects. Let me know what my list is missing.

                                          1. Backup on-prem
                                          2. Backup cloud/SaaS
                                          3. Restore test
                                          4. 3-2-1 backup method
                                          5. Ransomware protection
                                          6. Redundancy
                                          7. DDos protection
                                          8. Single point of failure
                                          9. Network segregation
                                          10. Endpoint security
                                          11. Firewall/gateway protection
                                          12. Break glass policies/solutions
                                          13. IoT security
                                          14. Segregartion of duties
                                          15. DevSecOps
                                          16. Secrets management
                                          17. Sql injection protection
                                          18. Cross site scripting
                                          19. Brute force prevention
                                          20. Patch management
                                          21. Identity access management
                                          22. Privileged access principels
                                          23. Network Monitoring Tools (Siem)
                                          24. Intrusion Detection Systems
                                          25. Cloud access security broker
                                          26. DNS filter/URL filtering.
                                          27. Honeypot
                                          28. Penetration testing
                                          29. Physical access security
                                          30. VPN when working outsite the organization’s network
                                          31. Avoid non-company IT services
                                          32. No non-standard software installed on personal PC’s
                                          33. Sandboxes for testing/investigating
                                          34. E-mail security
                                          35. Awareness training
                                          36. USB port policies
                                          37. Work phone policies
                                          38. Data categorization
                                          39. No clear text passwords
                                          40. Encryption in transit
                                          41. Encryption at rest
                                          42. Encryption key management
                                          43. E-mail encryption
                                          44. Disk encryption
                                          45. Backup encryption
                                          46. Data loss prevention solution
                                          47. Zero-trust principle
                                          48. Least privilege principle
                                          49. Privileged account policies
                                          50. Secrets management
                                          51. RBAC
                                          52. AD security
                                          53. Service accounts security policies
                                          54. Multi-factor authentication
                                          55. Antivirus software
                                          56. Incident response

                                          Releasing this blog showed me how scary yet fascinating the internet can be. I must admit that I got a little excited when someone reached out to me on the day my new blog went live. That excitement quickly faded once I discovered who had actually contacted me.

                                          To build the blog, I purchased and implemented a template that included a contact form. Not only did a bot enter my site, but it also clicked on the contact page, filled out the contact form, and hit reply. The message contained a combination of Russian and Danish text, along with a link. I suspect the “masterminds” behind it want me to click that link.

                                          I guess lesson number one in my summer project is this: if something is exposed to the internet, zombie servers (bots) will sneak up on it and knock on its door… Not just once, but every day.

                                          In my next post, I will create a secure environment and attempt to click the links in the scam messages. I hope to gain more insights into what the scammers want and how clever their tricks truly are.

                                          Note: I implemented a CAPTCHA, a feature that always annoys me. Let’s see if that keeps the bots from knocking again.

                                          Improve IT

                                          What I Do

                                          I help you protect your valuable data and IT systems by covering the areas of IT security, that are often forgotten. We tend to associate IT security with protecting the local IT infrastructure and network. Avoiding the digital threads and risks requires more than that, and it is so easy to forget areas like:

                                          • Employee onboarding/offboarding processes
                                          • How the employees behave on the behalf of the organization
                                          • Security and backup of all the cloud solutions you subscribe to
                                          • Emergency procedures

                                          They are just as important as securing the perimeter, and do often cause huge risks and loses, when forgotten.

                                          I have developed a framework including checklists to make sure all relevant areas for your organization are covered. I will guide us through every step from reviewing to improving your IT security following these steps:

                                          Assessment
                                          I conduct an IT security health-check following my checklist of areas that are often forgotten. This including IT systems as well as  procedures, policies and disaster recovery plans etc.

                                          Strategy
                                          In a cooperation, we define an IT security tailored to the type and needs of your business. This including relevant security system assessment, procedures, policies etc.

                                          Implementation
                                          The implementation involves several activities from implementing security systems, procedures and testing disaster recovery plans.

                                          Ongoing support
                                          New threads and risks will occur over time as the business develops. To accommodate this, I of course offer ongoing support to develop and implement relevant updates to the security strategy.

                                          How my services will fit you
                                          IT security is important for all of us. However, my freelance services are most relevant for smaller and medium sized companies. Larger companies are recommended to have full time IT security specialists. Here my offerings can cover parts of their IT landscape.

                                          My offerings focus on IT security and security architecture, which I am passioned about. However, as an IT architect I perform different tasks related to IT development and implementation. So, feel free to reach out if you have other IT-related tasks. I may be able to help.

                                          And at last, the brutal truth
                                          IT security breaches, attacks and incidents can of course not be completely avoided. However, it is all about the good feeling of having done what you can to mitigate it, and be prepared when it hits.

                                          Text on panel

                                          This is text about the IT security review.

                                          CONTACT

                                          CONTACT ME

                                          Phone

                                          +45 29 64 65 53

                                          E-mail

                                          rene@rosendal-hansen.dk

                                          Location

                                          Copenhagen, Denmark

                                          Connect

                                          linkedin.com/in/renerosendal/

                                          Let's Talk

                                            PORTFOLIO

                                            PORTFOLIO

                                            Labore o deserunt est legam, quae illustriora deserunt aliqua cupidatat. Possumus instituendarum hic iudicem o ingeniis summis quorum arbitror fugiat ad hic sint ingeniis sempiternum.

                                            FILTERS
                                            • All
                                            • SEO
                                            • Web Design
                                            • WordPress
                                            Cernantur enim se cernantur illum.

                                            PHOTO GALLERY

                                            Cernantur enim se cernantur illum.

                                            Illum excepteur e domestic sia.

                                            VIDEO GALLERY

                                            Illum excepteur e domestic sia.

                                            Do labore pariatur ut fugiat cupid.

                                            AUTOPLAY ON

                                            Do labore pariatur ut fugiat cupid.

                                            Nisi commodo commodo, voluptate sunt.

                                            PHOTO GALLERY

                                            Nisi commodo commodo, voluptate sunt.

                                            Cillum nescius hic anim cillum.

                                            SINGLE PORTFOLIO

                                            Cillum nescius hic anim cillum.

                                            Cernantur enim se cernantur illum.

                                            ANOTHER GALLERY

                                            Cernantur enim se cernantur illum.

                                            RESUME
                                            RESUME

                                            EXPERIENCE

                                            Senior Developer - Google Inc

                                            2010 to present

                                            2010

                                            Nescius malis eram si malis, elit de officia, quibusdam summis pariatur appellat se litteris ad legam, irure ubi offendit do te irure nescius comprehenderit, mandaremus eram ullamco e eu esse malis in officia. Quae vidisse expetendis se quem litteris ubi despica.

                                            Art Director - Designs Ltd

                                            2008-2010

                                            2008

                                            Do aute fugiat fugiat singulis, culpa efflorescere tempor quis ullamco ita e in instituendarum id deserunt culpa senserit admodum. Ex malis distinguantur. Multos tempor te culpa sint, velit commodo de quid veniam. Labore eiusmod an laboris.

                                            Web Designer - Web Agency

                                            2005-2008

                                            2005

                                            Nam sed nisi fore amet, irure litteris non tractavissent, ipsum arbitror ex familiaritatem do ut nulla est magna ita pariatur nulla summis aut varias, proident summis incurreret doctrina, ita proident ubi admodum, nam malis nulla ne eiusmod. Admodum non ipsum laboris.


                                            EDUCATION

                                            The University of Texas

                                            1997-2002

                                            1997

                                            Incididunt efflorescere se doctrina aut quid non probant, ubi sed esse mandaremus, ex dolore o duis ex proident si irure ad ea se nulla possumus, nescius elit consequat eiusmod quo in nam sunt velit aute. Ea minim dolore aliqua arbitror qui ab ipsum quae cillum commodo o an aut eram officia id aut.

                                            Institue of Design

                                            1994-1997

                                            1994

                                            Quibusdam duis iudicem iudicem, ex quid quis legam incurreret se quo aute quibusdam vidisse non qui admodum ita laborum. Quamquam dolor aute laborum malis, culpa hic quo nisi doctrina te incurreret duis minim deserunt fore, nisi aliquip distinguantur.


                                            SKILLS

                                            Minim singulis pariatur. De eram exercitation, cillum admodum non expetendis. Te qui sunt mandaremus.

                                            HTML5
                                            75%
                                            CSS3
                                            65%
                                            jQuery
                                            50%
                                            PHP
                                            80%
                                            WordPress
                                            100%
                                            SEO
                                            75%
                                            Photoshop
                                            70%
                                            ABOUT ME
                                            ABOUT ME

                                            About Me

                                            I am a Senior IT architect at Falck, a respected Danish company providing fire, ambulance services, and private healthcare. My primary focus revolves around managing and overseeing large-scale IT implementations, which span over a year from idea to execution. I find immense fascination in projects of this magnitude and thoroughly enjoy my role within the company.

                                            In addition to my professional pursuits, there is a more creative side of me that yearns to offer my own products on a smaller scale. This allows me to merge my work at Falck with freelance services, enabling me to explore new opportunities, particularly in the field of IT security, an area that has captivated me since my master's thesis.

                                            While IT is central to my professional life, I also value the importance of completely disconnecting in my spare time. I seek solace in a diverse range of hobbies and interests. Traveling is one of my passions, as it provides me with new experiences and broadens my horizons. I also find joy in my garden, nurturing and cultivating plants. The soothing sound of the piano fills my leisure hours, allowing melodies to bring tranquility to my mind. Lastly, I embrace the art of mixology, shaking up delicious cocktails and relishing in the results.

                                            By striking a balance between my professional and personal pursuits, I approach each day with renewed vigor and enthusiasm, allowing me to thrive both within and outside of my work at Falck.

                                            - ChatGPT on behalf of René Rosendal

                                            Location

                                            Copenhagen

                                            Languages

                                            Danish, English, SQL


                                            Profession

                                            IT Architect

                                            Availability

                                            Evenings/Weekends


                                            Resume

                                            Senior IT Architect

                                            2022 - present

                                            Falck

                                            Responsible for the finance area:  ERP implementation, integration platform and Azure cloud migration

                                            Methods: Agile methodologies, Archimate notation standard, data methods – source to target mapping, data governance, data modelling.
                                            Technologies: Azure DevOps, Horizzon/Bizzdesign, Visio, Sharepoint, Azure
                                            IT Architect

                                            2020-2022

                                            Forca

                                            Solution Architect within a scaled agile setup

                                            Methods: Agile methodologies, C4 notation for solution architecture, data methods – source to target mapping, data governance, data modelling.
                                            Technologies: Azure DevOps, Tag Manager, Visio, PowerBI, Customer Data Platform
                                            Consultant

                                            2018-2020

                                            Deloitte

                                            Consultant within the areas of business intelligence, automation & architecture

                                            Methods: Agile Methodologies, Kimball Data Modelling, source to target mapping
                                            Technologies: Microsoft business intelligence tools – SSIS, SSAS, Power BI, Visio, Boost.ai chatbot tool. 
                                            BI Consultant

                                            2016-2018

                                            Inspari

                                            Business intelligence consultant

                                            Methods: Conceptual modelling, Kimball data modelling, source to target mapping, agile methodologies, wireframing and prototyping. 
                                            Technologies: SQL, SSIS, SSAS, Tableau, PowerBI - and other good old stuff running on-premise
                                            Never Ending Cyber Security

                                            During my summer project of investigating IT security and AI, I am having a hard time picking a topic to dive into. Especially when it comes to IT security, that is insanely big. From now on, I may question people with the title of IT security experts. Ask them which part of IT security, they are experts in, as they can’t possibly be export on it all.

                                            I decided to do a brainstorm of all the cyber security related topics, I could come up with. It led to the list below. 56 items, and some of them are huge just by themselves. Take least privi-lege access principle of users only having access to what they need and nothing more. The scary thing about this is imaging what it would require implementing and enforcing the whole list.

                                            I guess what is important and often overlooked is to prioritize and be clear about what is left out of scope. It is a difficult exercise. Having to tell the management, steering committee, or other decision makers that it is necessary to descope 8 security measures to avoid killing the project. I believe they will steal the focus from the 37 other security measures, the project managed to include.

                                            I will be interesting to see, if we change that approach next year, where the NIS2 EU directive is entered into force. By then a wide list of companies that deliver services related to critical in-frastructure must comply with security measures within 10 specified categories. I checked out the directive. The categories are broad, and covers my entire brainstorm list, and additional policies and reporting procedures. Failing to comply with NIS2 can lead to large fin