Prelude…

Many of you contacted me over the past weeks to wish me a happy birthday. My 3/6 birth date could evidently be found on Plaxo, Facebook and a variety of my other online Black Holes. I was surprised and elated to receive many e-cards and even some ‘real’ ones via mail. I even received a bottle of California wine from one of my favourite product managers :)

And, because I was delivering a NAC 101 presentation at a conference that day, I wasn’t able to celebrate at home with my usual crew. Instead, I shared the evening with a big group of conference attendees, many of which are current customers. I had a blast.

However, the occasion brought about a domino effect of questions… How old are youHow did you get into IT?  What made you decide to focus on security?

I’ve been answering these 3 questions a lot over the past several weeks, and with the new friends I’m meeting on the Security Bloggers Network, and the upcoming RSA Security Bloggers Meetup, I think even more folks are wondering the same…

Oh boy... this is going to be a LONG post…

I’m now 29 (+2 weeks), that’s the easy one.

 

How I Got Here…

Prelude…

Many of you contacted me over the past weeks to wish me a happy birthday. My 3/6 birth date could evidently be found on Plaxo, Facebook and a variety of my other online Black Holes. I was surprised and elated to receive many e-cards and even some ‘real’ ones via mail. I even received a bottle of California wine from one of my favourite product managers :)

And, because I was delivering a NAC 101 presentation at a conference that day, I wasn’t able to celebrate at home with my usual crew. Instead, I shared the evening with a big group of conference attendees, many of which are current customers. I had a blast.

However, the occasion brought about a domino effect of questions… How old are youHow did you get into IT?  What made you decide to focus on security?

I’ve been answering these 3 questions a lot over the past several weeks, and with the new friends I’m meeting on the Security Bloggers Network, and the upcoming RSA Security Bloggers Meetup, I think even more folks are wondering the same…

Oh boy... this is going to be a LONG post…

I’m now 29 (+2 weeks), that’s the easy one.

 

How I Got Here…

Chromosomes. I have to blame my parents for it all. They were both Naval Intel, in processing (then NIPS, now NTCS-A). It probably started long before that, when my father was just a wee lad and already piecing electronics together to make his own computer. (His life-long-love-of-electronics gene was surely hereditary). After the Navy, he worked for a large international integrator as a Sr Engineer. Eventually he started his own business with a partner -who wasn’t quite ready to take the full entrepreneurial leap- so my Mom bought out the partner and we officially had a family-run business (circa mid-80s).

VAX. My first experience with a computer was the VAX system in our basement, running AutoCAD from tapes, on a dual display with fold-up digitizing tablet and a 9-key keypad. Yep, pre-Apple, pre-Windows, pre-mice. The 2 pieces together were the size of about three of those small funky euro-cars. I was really young, so I wasn’t exactly churning out building floor plans with this thing, but the shapes and design control intrigued me and started me down the yellow brick road to graphic design. And so when I was in middle school, I made my own little ‘company’, called ‘Disk-n-Dat’, and provided some graphic design services, logos, etc.

BASIC. It was around that same time that we took typing (keyboarding class) on Apple IIe’s, and I took the opportunity to fill my brain with BASIC, QBASIC and gwBASIC and started writing little programs- some would draw images on the old monochrome screen. Others were carefully designed masterpieces that asked questions and produced a variety of responses using the input, calculations and if-then-else statements. Finally, I had enough instances of a misplaced period, hash or other syntax error… I got p*$$!% off and decided I didn’t have the patience for programming.

3-D. After that little tryst, I continued my graphic design interest, expanding later to 3-D and morphing techniques. I played with that for a while, and even dedicated my SPIRE project to it one year at NCSSM.

Web. When I grew out of the ‘playing’ with graphics, I jumped into web design… and I mean this is back before we had HTML editors. I had stacks of HTML books, containing pages of tags and attributes. Books and Notepad… that was the extent of the HTML editors then. I remember when Microsoft came out with FrontPage- the ‘bosses’ made me use it, but I went kicking and screaming and still edited in Notepad to fix things. My early web-savvy paid off, and I actually served as consultant/SME on a board for a state organization when I was just about 16.

Unix. While I was at NCSSM, I was one of the 3 students running the UNIX system, which was the only option for Internet access at the time. Students had to apply for an account, we had to review it, grant it, create it, and monitor them all and the overall health of the system. I was proud to be the first girl to ever hold the ‘root’ position there. We ran the whole thing- it was crazy- we had the key codes to get into the server rooms, housing both our Unix system as well as the school’s primary VMS servers. Admin was extremely trusting, and we never game them cause to be otherwise.

Centernet. Once out of all my schools (NCSSM + 2 years at NCSU Engineering) I continued with web design and some web development. I managed the Centernet.ws Web Services division of our company and provided small business solutions for web design, development and corporate identity/logos. I loved graphics, and design, but the development (aka programming) was still no fun and after many years of web design, I just lost my love for it and it was a burden.

Other Stuff. I did some ‘other stuff’ during my web days, including teaching some advanced Microsoft courses… and somehow I ended up writing a computer competency course for schools and I taught 1 session of it to teachers and then to the kids… and it’s a good thing I only needed to do it once- I wouldn’t have made it through another one.

Technical Sales. Around the time I started phasing out the web design services, we had some turn-over at the office, and in a fit of desperation to help, I offered to take over some of the responsibilities of one of the people leaving the company. Little did I know what I was getting myself into… I was doing technical sales, but I liked the technical more than the sales and found that possessing a full technical understanding of a technology made it much easier to explain and properly place as a solution. (I still have customers that love to get my goat by walking around and introducing me as ‘the sales rep’).

Network Security. So when I realized the technical part was the fun stuff, I went ahead and got me ‘sum network training and certifications (with the help of the parents and company of course). I ended up with my HP Master ASE Certification, specializing in Mobility & Security. During my first few explorations, I was introduced 802.1X and decided it was the best thing since sliced bread. That’s when I pretty much devoted my life to network security and turned into a complete console cable-carrying GEEK. I would read and research 1 thing, only to find there were 5 more intermingled technologies I needed to dive into also. So, my 1X interest led me to reading all the IEEE/IETF standards, learning about RADIUS and authentication directories, supplicants, researching EAP methods, and reading all the wireless books I can get my hands on.

 

And that’s still what I do now… I read everything I can, and talk to everyone I can. I’m lucky to be working with my Dad on all the networking projects- he has years of experience and insight that simply can’t be reproduced. While I can’t travel back in time to learn all he has, my solution is to try and immerse myself in everything going forward within network security technologies.

In addition to CISSP, I have vendor-specific certifications on various NAC and Security solutions and I try to keep up with what the other vendors are doing. Every 8 weeks or so, I like to scrub through the web and grab all the 1X and NAC white papers, tech briefs and product datasheets I can find. I need that knowledge so I can put together our presentations and best practices and be effective at supporting our customers. We work with many Federal agencies, State/Local Gov as well as Education and some sprinkling of larger enterprises throughout the US… so it’s imperative we know our stuff.

By staying on top of – or – in the middle of – it all, I hope to have more insight and a broader view of the technology and the industry, and I think that’s one of our assets. So there you have it! And if you actually read this whole blasted thing… kudos to you and I’ll have to buy you a drink for your time ;)

# # #

jj

Author, speaker, and recognized authority on network and wireless security architectures, Jennifer (JJ) Minella helps organizations solve technical problems and align teams.

View all posts

3 comments

  • I read… now you owe me a drink. :-P

    REPLY:
    No problem ;) 2 weeks, right??

    -jj

  • Oops- I emailed you and forgot to post…

    Officially, ProCurve Networking NAC & NIM Certification and Juniper UAC JNCIA-AC (Access Control)

    As well as some ‘unofficial’ training/certs, including Symantec’s Sygate/SNAC, they’ve incorporated some of the Sygate functionality into the new SNAC, but there’s not yet a cert for the SNAC and the legacy Sygate is going away.

    -jj