Value of Networking + Informational Interviewing Tips

I recently facilitated the ASTD Training Certificate Program sponsored by the ASTD Ft. Worth, TX chapter. One of my participants was a gal named Eileen from California. Eileen is transitioning from Sales Management in the Pharmaceutical industry in to training and development. Eileen will be fabulous – she has excellent business acumen, in-depth industry experience, a natural energy and zest for learning, and great facilitation skills. She was a joy to have in our session!

As I mentioned, Eileen is transitioning into the workplace learning and performance/training and development profession. She’s asking the right questions to gather the information and perspective she needs to be successful. Eileen just wrote me today with a networking update:

“… speaking of networking, I have just learned the valuable lesson of always getting your job search message out complete with your professional objective.

Monday night while sitting around after playing a tennis match, the other members of the team asked about my class that I had taken through ASTD. I raved on about the class and about you. One of the players whom I don’t know very well sat listening intently and then asked a few more questions about what type of job I was looking to transition into. I provided a recap of my past employment, my skills and my goals about breaking into the training and development industry.

She then says to me, “You know, you should speak with my mother-in-law, she OWNS a training and development company”!!! Amazing, huh?”

So Eileen is on the right track to make her transition successful! She now has an informational interview set up with the owner of the training company. Eileen asked me for suggestions on questions that she should not miss asking. Below are some thoughts I shared. Read on, and then let me know what powerful questions you recommend for information interviews?

  • What do you recommend I do to prepare for a position In your company/department should one become available?” Take good notes, then if you are really interested in that company/department, start doing what they suggest!
  • What concerns would you have about hiring me?” or some variation… the goal is to ferret out information that may be holding you back without you being aware of it.
  • Similarly, ask “if you had a position available, why would you hire me?” or some variation – try to discover what the person you are talking with sees as your strengths that you may not recognize (or to reinforce what you know to be true about yourself and to help them see it as well).
  • Be sure to find out about the types of clients they work with, the type of work they do… “Describe a typical day in your job for me.” They likely won’t have a “typical” day, but you want to get a feel for the variety of activities and responsibilities in their work. Of course, if you are talking to the owner of a company that has people/trainers working for them, you may want to modify to “a typical day for your trainers” or whichever position you are interested in.
  • It is always good to ask about the pleasures and frustrations they experience in their role/company. This will help you be realistic about future positions you may land in.
  • I’d also recommend asking the person you are talking with to describe her perfect client, her company culture… all things to help you get a feel for if you’d want to work there or to help you narrow down the type of work you want to do and the type of environment in which to do it.

I hope these questions help Eileen. As I said, she is well on her way to a successful transition into my beloved profession.

We all need a little help from our friends via networking, informational interviews, and thoughts on how to prepare. What tips do you have for informational interviews?

Business IT Networks – 5 Common Problems Overlooked by Entrepreneurs

IT Networks though simple, require extensive planning to ensure stability, yet we often encounter businesses that are unacquainted with the imperative role networking plays in the efficient functioning of their company.

Informed business entrepreneurs often opt to upgrade their networking systems to suit their organizational structure. Although upgrading is an expensive, time consuming process, its benefits are ten fold. Though, there are some small size companies that insist on having a Windows XP workstation function as a network server, this decision may eventually lead to decrease in efficiency and productivity of the entire Information Technology environment.

Network Consultants should always analyze the nature of your business so as to recommend a networking/Information Technology system that would be the best fit for your business. IT Consultants should evaluate both hardware and software requirements to guide your company through the pros and cons of various networking options that your business may be considering.

From a network consulting standpoint, these are five common problems that are either neglected by businesses or not included in the overall planning of the Network Infrastructure.

Disaster Recovery: Although entrepreneurs are risk takers they provide for all contingencies. While they insure their store and goods against fire, theft, natural calamities, etc., in many cases they ignore the need to implement a disaster recovery plan for financial records, employee payroll and client data. Losing valuable customer information to a fire would result in temporary chaos and a financial drain. Therefore, a data recovery system should be available to restore normal operation within 24 to 48 hours.
There are several options to evaluate depending on the size of the business. A good Technology consulting company should be able to assess the needs and accordingly recommend an IT recovery plan that is fool proof yet affordable.

Redundancy: Although businesses are advised to maintain an alternate or redundant source of power supply for critical servers, many entrepreneurs ignore this simple loss prevention method in order to save a few hundred dollars. For example, servers that process customer credit card transactions are not exempted from the probability of failure and if not backed by a redundant power source, it may lead to a major financial loss. The point that I am trying to get across is that important network equipment should be identified and a redundant plan should be implemented to provide against unforeseen circumstances.

Network Security: Viruses are not strangers to the world of computers and internet. While performing technology analysis and auditing we come across businesses that have servers on DMZ without network security [] measures like a simple firewall. We have seen instances were employees had full access to the network server running virus inviting programs like Limewire. An obvious result of this would be a slow network. In most cases, passwords for workstations, servers etc. are identical and shared. Impermeable network security plans should be implemented especially when business IT infrastructure holds confidential information of clients or individuals that may become a risk as well as an embarrassing situation if lost or stolen.

Network Speed: Businesses always focus on maximizing efficiency and productivity at the lowest cost and what better way to achieve this goal than to minimize wastage of employee time? Speed of IT networks depends on many factors from simple network security policies to restrict P2P software to intelligent switching hardware. You may be surprised but network infrastructure cabling (Cat 5, Cat 6, and Fiber Optics) also makes a significant difference on the performance of the entire network.

Expandability: Change in networking structure is an option that should always be open for clients. To plan ahead is important as a business need not overhaul a huge part of their network to see an insignificant benefit. A simple example would be to anticipate network storage requirements of data. Clients often overlook the importance of discussing options with consultants to make sure their IT system remains adequate for at least 3 to 5 years. The aim should be to minimize dollars spent without hindering the quality of work being performed by employees.

Consultants are professionals and while their recommendations should not be overlooked, they should not be adopted blindly either. As a customer you are entitled to know the ‘whys’ and ‘hows’ of every suggestion made. Request layman’s explanation for every problem encountered. Most importantly, ensure that the 5 major and basic areas are covered in the initial audit reports or recommendations made by any Technology consulting company.

Onsite Chicago is Technology Consulting Company for business in the Chicago area. Featured in major newspapers they are considered one of the top business network consulting firms. To view a complete list if IT services from Network Management, Network security and data / telephone cabling please visit Chicago Business Network Consultants page.

Network Risk Assessment: Penetration Testing and Social Engineering

Electronic information systems, now de rigueur for recordkeeping, hold company and customer data, a majority of which may be confidential. If ineffective network security controls are in place, however, an intruder can enter from the outside and steal the data to exploit. The result may be identity theft, leaked private company information (think of the WikiLeaks fiasco), lawsuits, or dissatisfied customers. In order to meet industry standards, keep company information confidential, and maintain a satisfied customer base, implement an effective network security plan involving regular risk assessments.

Although an electronic information system’s data is often thought of as solely technical, a network risk assessment considers all ways in which this information could be stolen, including through physical or social means. As a result, a network engineer performing a risk assessment uses a combination of penetration testing and social engineering techniques.

Penetration testing involves using ethical hacking techniques to break into a network and identify vulnerabilities, or weak points in which an outside party can enter. A four-phase process is used: planning, discovery, attacking, and reporting. The first two phases involve gathering all basic information for the network, including port and service identifications, host names, IP addresses, employee names and contact information, operating system information, and application and service information. To access the interior, the engineer may be granted employee-level access to the system. With all information gathered, the engineer does a vulnerability analysis, comparing the network data with a vulnerability database.

All vulnerabilities identified become targets for ethical hacking in the attack stage. When performing the test, the engineer determines if an attack was successful, the level of complexity needed to break in, and the measures necessary to reduce future attacks. Because vulnerabilities often come in groups, the engineer may go back and forth between the discovery and attack phases before producing a full report.

Data about employees and the system serves as reference for the social engineering part of network risk assessment. Often a phishing scheme, social engineering involves tricking network users to reveal passwords or usernames. Because employees should never blindly give away such information, the engineer poses as an outsider by attempting to obtain such information through online or telephone conversations, instant messages, or emails.

Email phishing schemes are some of the more common approaches for attackers to obtain network information. Typically, an email appearing to be authentic, such as from the company, a bank, or internet service provider, is sent out and requests username or password information. The email then takes the user to an unsecure website to obtain the information, which, aside from a username and password, may be account, credit card, or social security numbers. With this information, the intruder breaks into the network to steal data to possibly exploit.

Certain individuals, such as executives, may be more important than others on a network, and in social engineering, a network engineer may target such employees.