5 Smart Tips for LinkedIn Self-Promotion

Smartly executed self-promotion is the key to career advancement, and in our hyper-connected days, LinkedIn is one of the best tools to help you do this. The question isn’t whether you should be on LinkedIn, the mega-popular professional networking service, but rather, how to best take advantage of this powerful medium to separate you from the pack. After all, with more than 80 million registered LinkedIn users, standing out among your peers can be a daunting consideration.

"Not doing something with LinkedIn is like leaving money on the table," says Debra Forman, a certified executive coach in Toronto, Ontario. "You don't need to pay for the upgrade -- the free service is all you need -- but the key is getting people to land on your page."

To get the right people to view your profile and to wow them while they’re there, consider these tactics:

  1. Get connected. "The key to LinkedIn is being found and being fabulous," says Irene Koehler, a social media consultant in San Francisco. Koehler says the first step is to make relevant connections. "Understand that the number of connections you have directly impacts how easily you can be found," explains Koehler. Forman agrees but believes there should be quality along with quantity: Don’t add more connections than you can keep up with, she says.
  2. Say something. Take advantage of the "Share" tab on your profile page, which lets you share insights, a website link or other information with your community. "Draw people into whatever you're doing, and it'll go out to all of your connections," says Forman, who promotes a monthly video in this fashion. "Remember, you might only have, say, 100 people in your network, but you could reach millions because every one of those connections has connections who can see what you're up to as well." Using the "Share" tab is a good way to be proactive in the search process, as if raising a hand above the crowd. Another way to be heard is to regularly answer questions in the question/answer component of LinkedIn, establishing your expert voice.
  3. Be a joiner. Belonging to a LinkedIn group that's relevant to your expertise opens up new opportunities, says Forman. "The beauty of groups is you can promote yourself, get work and be noticed.”
  4. Be a wordsmith. "Unless you optimize your profile, which includes using good keywords, you'll be the world's best-kept secret," says Koehler. "Understand which keywords are best to use, which speak to who you are and who you're trying to attract. Use the terms employers are using, says Koehler. "For example, if you're a Web designer, you'll want to use searchable words like 'web,' 'html,' 'graphics,' 'design,' 'designer' and so on. The top key words should be in the summary section of your profile page."
  5. Show, don’t tell. Aim for compelling text on your profile page, such as, "You've only got that one moment to impress them," says Koehler. Your profile should not look like a resume with bullet points; instead, potential employers should hear your voice and understand how you approach this job differently than the next person, she adds. Include links to your work-related blog and import feeds from Twitter if you offer commentary on IT issues.

It’s not just what you have to say, however. Recommendations from others who know your work in IT are important too, says Koehler. "We all think we're fabulous, sure, but it's more powerful to have others offer their perspective."

Like this article? Connect with us @ITinsiderOnline

Are Free Public Wi-Fi Networks Safe?

You already have plenty on your plate, whether you are implementing and maintaining technology, helping to resolve technical issues or ensuring your company’s data is safe and secure. Now, you can add the proliferation of rogue free public Wi-Fi networks to that list.

Free Wi-Fi connections can be tempting for traveling employees. And hey, you can’t blame them, as one less item on an expense report can make them look better -- especially if your company is tightening its belt. But talking to them about the risks can help protect them -- and you.

How Rogue Free Public Wi-Fi Works
Tech-savvy thieves are taking advantage of users’ thirst for constant connectivity. “The basic idea is someone in vicinity has created a ‘free Wi-Fi network’ that you connect to, but in doing so, you’re allowing them to tap into your info, access your files and possibly steal your personal identity too,” says Tim Bajarin, president of Creative Strategies, a tech consultancy in Campbell, Calif.

“These ‘rogue’ networks are really individuals who have software to hack into your systems -- and because the majority of people’s laptops are not protected, they’re a lot more susceptible than they think.”

In fact, New York-based independent security consultant Dino A. Dai Zovi says he and a colleague, Shane Macaulay, authored a tool called KARMA to demonstrate the risk of unprotected wireless networks. “KARMA acts as a promiscuous access point that masquerades itself as a wireless network,” explains Dai Zovi. “It makes the victim connect to our rogue wireless network automatically.”

Rogue operators will often craft network names similar to the name of the hotel or the coffee shop where your end user is attempting to connect. One careless click and your data is exposed.

Scary stuff. So, what to do?

Tips for Safer Surfing on Free Public Wi-Fi
You’ve got your work cut out for you, and it starts with employee awareness, say the experts. Consider these steps:

  • Avoid free public Wi-Fi. Caution employees to steer clear of freebies. “When I go to hotel, I make sure they have a wired [Ethernet] connection,” says Bajarin. “And if I want to go wireless on my laptop or other devices in my hotel room, I bring an Airport Express with me,” he adds, referring to Apple’s compact wireless router.
  • Be efficient. If you or your end users can’t avoid a free public Wi-Fi network, “get on, get what you need and get off -- and don’t do any financial things until you’re back at home," cautions Bajarin.
  • Use VPN. Only use free public Wi-Fi if you have VPN (Virtual Private Network) access, says Dai Zovi. “Otherwise, everything you do can be easily monitored by anyone nearby.” Citing recent Firesheep attacks, Zovi says that even password-based networks can be attacked by malicious types. Firesheep is an extension for the Firefox browser that can grab your login credentials for sites such as Facebook and Twitter.
  • Give employees your own connection. Another option for mobile workers is to use WAN-enabled laptops, USB sticks with cellular connectivity or to create a mobile hotspot through a smartphone or tablet.
  • Use security software. Make sure all security software is updated regularly, enable firewalls and give employees a means to encrypt sensitive data.

Only through education, secured connections and some common sense can your employees keep personal and professional data safe from cyber-snoopers, waiting to attack through a free public Wi-Fi.

Like this article? Connect with us @ITinsiderOnline

Photo Credit: @iStockphoto.com/gulfix

Google Chrome OS Notebook: A Security Game Changer?

Google’s much-hyped Chrome OS notebook is just a few months away, promising to deliver a lean, minimalist approach to mobile computing. Fast startup time, long battery life thanks to lower power consumption, and a heavy emphasis on cloud computing add up to plenty of interest from businesses of all sizes.

But will this new operating system mean fewer security headaches for you as an IT professional? Yes and no, say technology experts who are familiar with Chrome OS, scheduled to power mobile computers from the likes of Samsung and Acer by the middle of this year. Here’s what you should consider.

The Google Chrome OS: Effective but Limited
Dino A. Dai Zovi, a New York City-based independent security consultant, says he has been playing around with Google’s Chrome OS notebook prototype, dubbed “Cr-48,” for more than a month. Although he thinks it’s an effective tool for Web communication, it likely won’t be his primary computer.

“I don’t see how you’d want Chrome OS as your main computer, because there isn’t support for popular Web apps, such as Skype, and it’s unclear what native clients will run on Chrome OS,” says Dai Zovi. “But Chrome OS could be useful as a secondary device, as a competitor to, say, tablets.”

Google OS Chrome Security Is Relative
Although Google OS Chrome notebook files are stored in the cloud, Dai Zovi says that doesn’t translate into bulletproof security. “One big limitation for business is no support for encrypted emails -- unless you use a third-party Web-based encryption product,” says Dai Zovi, who has co-authored the books The Art of Software Security Testing and The Mac Hacker’s Handbook.

Consider whether you’re willing to entrust your data to one entity, say the experts. “With Chrome OS, you need to ask yourself if you’re putting too much trust in the hands of Google,” says Bruce Schneier, a security tech consultant and author. “If you’re someone like my mother, who isn’t tech-savvy and is afraid of losing information, sure, you might prefer for someone else to take care of it. But if you’re talking about Citibank corporate accounts, forget it.”

Google’s cloud-based apps provide a uniform standard of security that works great for many people, but Schneier cautions it may not meet your organization’s standards if you need to adhere to policies or regulations. “If you have to ask Google where your data is being stored and if it’s leaving the country, then it’s not for you,” he says.

Weigh the Convenience vs. the Risk of Chrome OS
Your end users are likely to enjoy the convenience of Chrome OS’s cloud-centric approach, says Dai Zovi. After all, you can access files from virtually any online device in the world. You can collaborate and share documents easily, and data is protected from local damage, such as flood or fire or computer theft. However, there may not be adequate layers of protection for your organization’s online data.

“If your data is simply protected by a password and no additional layer of security, that’s simply not enough for many businesses,” says Dai Zovi.

Dai Zovi says Google may be considering expanding its two-step authentication system that is available on Google Apps, where the user receives a text message with a code to type in for access to the application, along with a password. But even a two-step security measure isn’t foolproof, says Dai Zovi, who recalls a recent Firesheep (Firefox extension) vulnerability that led to “sidejacking” attacks among Gmail, Facebook and Twitter users.

As it is, it’s not clear exactly how the system will be embraced. “It’s a new platform, so it’ll take a while to see how this can be a good fit for consumers and businesses,” says Dai Zovi.

Photo: http://www.google.com/chromeos/pilot-program-cr48.html

The Rising Threat of USB Drives

You can find them in pockets, purses and on key chains. They're on lanyards and in pens, built into some jewelry and even found alongside scissors and nail files in Swiss army knives. Teeny USB thumb drives are ubiquitous: In fact, Gartner estimates more than 222 million were sold in 2009 alone. Could such a tiny gadget bring big risks to your organization?

Your Data at Risk

Thanks to their small size, low cost, and capability of instant backup and file transportation between multiple computers, USB drives actually pose significant security threats for businesses.

For example, disgruntled employees can easily make off with sensitive company information on a USB drive. "The threat is not new, but the problem is exacerbated by tiny and cheap USB drives," says Leslie Fiering, research vice president at Gartner in San Jose, Calif. "The moment we had removable storage media -- going back to floppy disk drives -- there have been stories of janitors going onto computers after hours and downloading major amounts of information." Employees who plan on quitting a company -- or perhaps those expecting a pink slip -- can also easily copy over customer or client databases, emails, calendar appointments and contact lists in a matter of seconds, and then take this digital info with them to a competitor.

Increasingly, USB drives can also carry harmful malware, say security experts. USB keys can be used to install viruses or to serve as boot drives to erase data -- even unintentionally. An employee who uses a USB drive on a personal computer at home could carry malware back to a work computer without his or her knowledge.

USB Security: What You Can Do
You should take several precautions to minimize the risk of data theft or malware attacks via USB drives. Consider the following:

  • Implement strong security software. All company computers should have the right security software to detect and remove potential threats. "Without question, you need serious protection today that not only protects from online threats but also is capable of scanning external devices too, such as USB drives," warns Fiering.
  • Limit USB access. In extreme cases, organizations have cut off access to USB ports. Others have limited USB access to specific employees. Using encrypted USB drives is another option, as is disabling AutoRun on computers so that programs on a USB drive don’t immediately run when a drive is inserted.
  • Monitor use. Keeping track of USB access will help you note who is using the drive, on which computer and at what time of day." IT departments need to make sure their machines are secure and sensitive information protected," adds Michael Gartenberg, research director at Gartner in Stamford, Conn.
  • Focus on education. “Banning can result in users trying to bypass the ban,” cautions Santorelli. A usage policy augmented by an awareness campaign to educate end users will help mitigate the risks.

Fiering and Santorelli note that these risks are not limited to USB drives. Santorelli calls it an “erosion of the traditional network perimeter” because of the prevalence of mobile devices and the convergence of personal and work technology. “This is a problem that's not going away any time soon," says Fiering. With the right security measures, however, companies can ensure the security of their data, despite today’s increased risks.

Like this article? Connect with us @ITinsiderOnline

How to Pick the Right Cloud Provider

As cloud computing pervades more and more of our everyday lives, it's not surprising that small to midsized businesses are also seeing the benefits. The question is, How exactly do you go about embracing the cloud?

To find the right cloud provider, you want to do more than type the names of a few providers in a search engine. But sorting through the mushrooming number of cloud providers crowding the market can be difficult. Because there's no third-party rating system for cloud computing firms -- and no directory either -- experts advise that the best way to seek a cloud computing provider is to do it the way you'd find any other service provider. "My biggest recommendation is forget about the cloud and just think we're finding a vendor to work with," says Patrick Grey, president of the Prevoyance Group. "Don't get caught up in the cloud." 

On the other hand, Charles King, principal analyst of Pund-IT, notes that cloud computing has its own particular issues. "You're really looking at something you're going to be engaged with 24/7/365," says King. "You really have to have a mind for what you need and what constitutes good quality."

Both Grey and King agree, however, that the key to finding a cloud computing vendor is following best practices. A few guidelines:

  • Use metrics. Set benchmarks to measure good performance. Be realistic, though: 100 percent isn't always achievable, but maybe 99.9 percent is. Get a sense from prospective vendors what is possible and what's not.
  • Network. The best resources for choosing prospective vendors are other IT decision-makers and other vendors. You might have luck cold-calling prospective vendors with a Google search, but you're better off talking to people who actually deal with the vendors. "You would be well-advised to touch base with vendors you work with closely," says King. "You basically have to get out and work the networks and see what you can find."
  • Make a test case. A good way to test a prospective vendor is to give them a non-essential part of your business first. When you eventually move more critical pieces over, though, internalize Murphy's Law. "You have to have a plan if everything goes south," says Grey, and that plan would likely be to move to another provider or to move everything back in-house.
  • Consider data storage and security. Take a look at how a cloud provider’s data storage, data security and security infrastructures work. How do these firms protect your data? What kind of security measures are in place?
  • Use a service-level agreement. For critical, sophisticated or big projects, include a service-level agreement detailing which metrics need to be met and what penalties will ensue if they're not met. Gray recommends "penalties that escalate at an increasing rate as the severity of the violation increases."

King cautions that the cloud computing business is the Wild West right now. "There's an awful lot of interest in the cloud area right now," says King, "but a lot of companies can't quite deliver on the services they're promising." Beyond kicking the tires, King suggests that you have a good idea of what you want if you’re in the market for a cloud computing provider. Otherwise, says King, "It's a bit like going into a grocery store without a shopping list. If you don't know what you want for dinner, you're going to wind up with a lot of stuff in your cart."

Like this article? Connect with us @ITinsiderOnline