report
Name: Steven Bloomenthal
Learn and Earn
Learning Goals Personal & Professional Development Chart- PDC
|
Research studies show that developing autonomy, mastery, and purpose make for the most rewarding work and learning experiences. In your Internship Agreement, you set 5 personal learning goals that you would like to achieve by the semester-end of your internship experience. SMART goals are Specific, Measurable, Attainable, Realistic, and Timely. This chart serves to support the development and achievement of your 5 goals with concrete strategies and measurements of success. Week 1-2: Identify and narrow goals. Develop creative, realistic tactics to support your growth. Define your end measure of success. Midterm: Evaluate progress and make any adjustments as necessary to your learning goals. Week 15: Final evaluation of your learning goals.
Consider: What new opportunities will you have to explore? Who or what can you learn from? What patterns of communication, problem-solving, or work style have you already developed in school, work or social settings? Are there any strengths or weaknesses you’d like to improve upon in this internship experience? What will help clarify your career and academic aspirations? How can you become more marketable in your field?
Your 5 Learning Goals may support any or all of the academic learning outcomes for the student experience outlined below: · Develop technical skills and professional communications in a work setting · Understand industry and organizational structures, culture, and ethics · Apply and reflect on the connections to academic theory and practice · Strengthen critical thinking, research skills, and problem-solving skills · Develop awareness of self, others, and social responsibility in a work, career, and global context · Establish a network of professional contacts, mentors, references
|
What are your objectives for your personal and professional development? (Results, Goals) |
How will you get there?(Strategies, Tactics, and Methods) |
How will you know you have achieved what you want?(Measurable Indicators of Success- qualitative or quantitative) |
Satisfied With Progress
|
|
|
|
|
|
At Midterm At Final |
|
|
1. Become familiar the security needs of different departments impacted by security teams.
|
1a: Will speak with 2 people from each department. |
· challenges that they face on a daily occurrence. · Understand the CIA risks for each department · Understand how HIPPA impacts security protocol.
|
Partly Satisfied |
Not satisfied. Departments don’t intermix at all. |
|
|
1b: Will discuss with 5 individuals from each department the challenges that they face on a daily occurrence.
|
|
Not Satisfied. |
Not Satisfied. Again, departments don’t interact with one another. |
|
|
1c: I will have had a conversation with my direct supervisor about what we do relates to HIPPA
|
|
Satisfied |
Satisfied. Learned more about HIPPA than I ever wanted to know. |
|
2. Enlarge my own personal network in hopes of obtaining a permanent job |
2a: Be successful at my internship. |
· I will have my security department peers as connections on LinkedIn. This includes the 3 people that interviewed me. · I will have at least 1 person from the different tech departments as LinkedIn connections. · Ask for 3 referrals by the end of the internship.
|
Partly Satisfied. |
Partly Satisfied. I know I have accomplished quite a bit in my time at BIDMC but, I’m left with wanting more, including more projects directly related to the IS Sec position. |
|
|
2b: Develop a relationship between myself and my new colleagues. |
|
Satisfied |
Very Satisfied. I’ve been to a concert with the CISO.
|
|
|
2c: I will reach out to at least 5 individuals via LinkedIn by the end of the internship. |
|
Satisfied |
I’ve connected with 4 people from the IS Security Team including the CISO and 4 vendors from my time at BIDMC. That’s 8 LinkedIn Connections. |
|
3. Further my knowledge of the security principals of Confidentiality, Integrity, and Availability (CIA) in a professional environment |
3a: Develop greater understanding of to keep data confidential in a hospital setting |
· I will have learned the proper method of encrypting and storing files in a hospital setting. · I will know at least 3 methods to monitor the flow of incoming and outgoing data packets. · I shall know the different ways of securing both a hardware and software-based firewall. |
Satisfied |
Somewhat Satisfied. Again, I wish I could work on the systems directly. Though I did get to help configure some VPN Racks. |
|
|
3b: Increase knowledge of maintaining data integrity in a hospital setting |
|
Satisfied |
Satisfied. I understand now the layered process used for protecting incoming and outgoing data. |
|
|
3c: Develop methods of restricting availability of data to others |
|
Satisfied |
Not satisfied. This maybe one of the PCD goals that I didn’t know was out of scope. It is dealt with from multiple departments and in the IS Security department, it’s based on VPN and firewall restriction, not Active Directory. |
|
4.Obtain greater proficiency in computer programs and complimentary web resources |
4a: learn new software
|
· I will develop a more detailed understanding of programs such as Metasploit and Nexpose. · I will have developed a more advanced understanding of Active Directory and perhaps Linux OS’s. · I will have learned when it is appropriate to use websites such as Virus Total while analyzing malware.
|
Not Satisfied |
Somewhat Satisfied. I got to use a little bit of Nexpose and understand the basics behind it but that’s it. I never got to use Metasploit in the work environment and I don’t think the IS Security team deals with Active Directory. |
|
|
4b: understand how software impacts incoming and outgoing packets
|
|
Not Satisfied |
Not Satisfied. I got to do some sample work that was not related to the job directly. I did get to analyze some packets through the use of Splunk but only on a limited basis. Also, while here I never got admin privilege to anything and didn’t get to participate in actively monitoring networks. |
|
|
4c: learn of websites to assist software programs
|
|
Somewhat Satisfied |
Satisfied. Upon deeper reflection, I have to say this went exceptionally well. At first, I was disappointed because of only learning of VirusTotal but, in retrospect all the tools they use for the cloud are dashboard based and designed to work in web browsers. |
|
5.Develop more in-depth knowledge of malware |
5a: Use a program to detect false positives in data packets |
· At completion of internship, analyzed 2 different types of malware. · Successfully identify 5 distinct ways of hiding malware. · Successfully identify 5 ways malware can infect a hospital network. · I will write 4 reports of different hacking attempts using malware. |
Not Satisfied |
Not Satisfied. Never happened. We did manage to detect other things though. Some of the items we detected were inadequate username and passwords but not false positives. |
|
|
5b: Ask my manager if I can assist on a project that analyzes and reports malware. |
|
Not Satisfied |
Not Satisfied. Not applicable. |
|
|
5c: Assist in writing out a report detailing an attempted malware infection. |
|
Not Satisfied |
Not Satisfied. Not applicable. No reports to write. |