Aliyah Morales
July 29, 2024
Old Dominion University
CYSE 368
Introduction
The company that I completed my Information Technology internship at is Prosperity Life insurance. They are a life insurance and asset management company that primarily operates on the United States and in Canada. Prosperity has three locations, one in New York, one in Roanoke and their second outside of Roanoke City. A large portion of their employees are in the New York headquarters or remote. This internship gave me hands on experience and gave me the opportunity to choose where I wanted to focus my internship experience. Before my internship began, I knew already that I wanted to learn and get experience with Active Directory, IT management software and grow my technical skills alongside my customer. This internship far exceeded my expectations and gave me hands on experience I wanted, the opportunity to work with Active Directory and Microsoft version of Active Directory which is Entra ID. I was also given the opportunity to see the full scope that Information Technology from a new hire to a termination.
Prosperity Life Insurance
Prosperity Life Insurance Group, founded in 2009, offers a variety of life insurance products, including term life, whole life, and final expense insurance. The group operates through three member companies: Shenandoah Life Insurance Company, SBLI USA Life Insurance Company, and S.USA Life Insurance Company Inc., which issue policies on its behalf. With an A- rating from A.M. Best and over 16.1 Billion in assets, Prosperity Life Group demonstrates strong financial stability and the ability to meet its policyholder obligations. The company operates in 35 states and Washington, D.C., providing simplified issue policies that do not require medical exams, making it a convenient option for many customers. In 2024, Prosperity Life Insurance Group expanded its reach and capabilities by merging with National Western Life Group (NWL). This merger allowed the combined entity to enhance its product offerings and leverage NWL’s established distribution channels. The integration aimed to create a more robust platform for delivering a wider array of insurance and annuity products to a broader market, further solidifying Prosperity Life’s position in the industry
Initial Orientation and First Impressions
The initial contact I received was through the human resource employee that read my resume and we had a phone conversation asking me about my educational journey and asked several questions to assess my location. The interviewer was nice, and we ended the call with a positive note, and he conveyed that he would share my information with the person who would end up being my supervisor. The interview went well, there was both a portion that focused on my technical skill and if I would be a good fit for his team. My impression of the company was that I would be one of the first interns joining their team and that the company wanted to bring more interns aboard in various departments. The training that I received was structured in a way where I would be given an assignment to create a procedure on a task before I did the task with supervision. I also had one on one meeting where I met with the cybersecurity lead to go over Microsoft Privileged Identity Management and I learned how to escalate my privileges. I also had one-on-one meetings with various teammates, and they showed me the onboarding, offboarding and setting up new equipment. There were some areas that I was not given direct access to, but I was able to shadow the other information technology technicians.
Management
The management environment of my internship was structured yet flexible, striking a balance between guidance and autonomy. My supervisor was consistently available to provide assistance and support whenever needed. If he was not accessible, the other information technology technicians were always ready to answer my questions and provide guidance. This created a collaborative and supportive atmosphere that made it easy to seek help and learn from experienced colleagues.
One of the most notable aspects of the management environment was the emphasis on effective communication. The importance of clear and timely communication was consistently demonstrated by the management and staff, which greatly influenced how employees conducted themselves during work hours. For instance, whenever an employee was about to take a lunch break, they would send a message on the information technology helpdesk team chat to inform every one of their absences. This practice ensured that the team was aware of who was available, which was crucial for maintaining efficient operations.
This practice was particularly beneficial because the helpdesk received calls from various departments within the organization. By keeping track of who was on break, we were able to manage incoming calls more effectively and ensure that there was always someone available to assist with urgent issues. This approach not only fostered a sense of teamwork but also highlighted the importance of accountability and reliability in a professional setting.
Overall, the management structure at my internship was effective in creating a productive and harmonious work environment. The combination of structured support, open communication, and a collaborative culture made it a conducive place for learning and professional growth.
Major Internship Duties
In the first fifty hours of my internship, I tackled the significant task of organizing and cataloging the company’s IT e-waste room. This room housed various legacy equipment, including outdated networking devices and cables accumulated over the years. My responsibility was to create a detailed inventory of all items, documenting the model, serial number, brand, and type of each device. This inventory helped the company decide which items to repurpose, sell, recycle, or dispose of responsibly. Additionally, I sorted and recorded various types of cabling, noting their lengths and any specific characteristics or damage.
During the next sixty hours of my internship, I learned to image and ship devices for both remote and office employees. This involved gathering user information and required hardware details, then disabling secure boot in the BIOS and using PXE to create the computer name, select the network type, and load a premade image. While the image loaded, I added the device to Azure Active Directory, assigned it to the user, and applied necessary security and group policies. After imaging, I pushed the internal or external baseline from an endpoint management platform, activated Windows, configured sleep settings, updated policies, turned on BitLocker, synchronized the account, and ensured OneDrive, Chrome, Edge, Outlook, and Teams were working. Once completed, I shipped out the device or set it up in the office.
The next task that I shadowed and learned was the onboarding and the offboarding process. The onboarding process begins when a new hire ticket enters our ticket system. That ticket will have the new hire form, that has the name of the manager of the new hire, first name and last name of the new hire, address, system access, job role and if they will need any device. The steps to follow are create a profile in the active directory, configure the email and password according to the configuration chart. Afterwords, add the user to5 the domains based on their job role. The next portion is to set up their active directory profile, create a phone number, Microsoft account, outlook and teams. After these steps, the ticket will be assigned to the IT employee who configures the devices and ships it out or brings it to their office. The offboarding process is like onboarding; the ticket will enter our ticket system, but we must make sure we do not start it until the day of or after the termination date. The first step is to use the offboarding form to see the termination date, access level and if there are devices that need to be shipped back.
I also got the chance to experience Microsoft Entra ID. As an intern learning identity management, I started with the basics of identity and access management (IAM) to understand Microsoft Entra ID’s role in IT systems. Initially, I learned the core functionalities of Microsoft Entra ID (formerly Azure Active Directory), including managing users, groups, and devices, and securing resource access. My first hands-on task involved Privileged Identity Management, where I learned to escalate privileges using ticket numbers, system names, and descriptions. I explored key features such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and conditional access policies. Implementing SSO showed me how users could access multiple applications with one set of credentials, while configuring MFA highlighted the added security for sensitive information. Managing groups for users and devices was particularly rewarding, as it demonstrated the efficiency of collective user permissions management.
The company I am interning with has just acquired National Western Life Group through a merger. This acquisition had been in the works since last year and was a major accomplishment for the company. The acquisition of National Western Life Group was aimed at expanding Prosperity’s offerings in the life and annuity insurance sector. The Information Technology department I am working with was involved in a meeting with the National Western Life Information department to review their system structure and gain access. NWL Information Technology employees were also given guest access to Prosperity systems to ensure a secure integration of NWL’s system. My role was to create accounts for two NWL employees, add them to the correct groups in Azure, image laptops, and ship them to NWL headquarters.
Use of Cybersecurity Skills and Knowledge
Throughout my internship, I had the opportunity to apply and expand my cybersecurity skills in several key areas. Prior to the internship, I had foundational knowledge in network security, basic principles of identity and access management (IAM), and familiarity with tools like firewalls and antivirus software. My understanding included network protocols, secure configurations, intrusion detection systems, and basic IAM skills such as managing user identities and controlling access to resources. These skills provided a solid starting point, but my internship allowed me to delve deeper into practical applications and more advanced concepts. During my internship, I gained hands-on experience with Microsoft Entra ID, where I managed users, groups, and devices. This experience enhanced my understanding of IAM by showing how it functions in a real-world environment. I learned about Privileged Identity Management, which involved securely escalating privileges and understanding the roles and processes involved. This was a foundational aspect of my training, highlighting the importance of controlled access and the procedures necessary to maintain security within an organization. Implementing Single Sign-On (SSO) and Multi-Factor Authentication (MFA) provided practical insights into configuring and enhancing security protocols. These features were crucial for ensuring that users could access multiple applications with a single set of credentials while adding an extra layer of security to protect sensitive information. Configuring SSO and MFA demonstrated the benefits of streamlined access management and the challenges of balancing user convenience with security requirements. Setting up conditional access policies was another critical aspect of my internship. These policies ensured secure resource access by defining the conditions under which users could access specific resources. This experience underscored the importance of adaptive security measures that respond to various risk factors and user behaviors. Overall, my on-the-job experience significantly deepened my understanding of cybersecurity. Working with Microsoft Entra ID and Privileged Identity Management emphasized the necessity of secure and efficient user access management. The practical implementation of SSO and MFA provided a firsthand look at the complexities of modern security measures. My internship transformed my theoretical knowledge into practical skills, giving me a comprehensive view of how cybersecurity measures are implemented and maintained in a professional setting. This hands-on experience not only reinforced my academic learning but also introduced new concepts and best practices that I hadn’t encountered in my coursework. I gained a better appreciation for the dynamic nature of cybersecurity and the constant need to stay updated with evolving threats and technologies. My internship experience has profoundly impacted my understanding of the subject matter, preparing me for future challenges in the field of cybersecurity and shaping my professional aspirations.
ODU Curriculum and Internship Experience in Cybersecurity
The ODU curriculum provided a solid foundation that prepared me well for my internship. Courses in network security, identity and access management (IAM), and cybersecurity principles equipped me with the essential knowledge required for my role. For instance, my understanding of network protocols and secure configurations from my coursework directly applied to my tasks in managing and securing devices. The hands-on labs and projects in my classes mirrored the real-world scenarios I encountered, making the transition to practical applications smoother. One specific connection was the use of IAM principles in managing users, groups, and devices with Microsoft Entra ID. My coursework had covered the basics of IAM, but the internship allowed me to see these concepts in action and understand their importance in a live environment. Additionally, the emphasis on security policies and procedures in my classes was reinforced during my internship, especially when implementing Single Sign-On (SSO) and Multi-Factor Authentication (MFA).
However, there were also new concepts and techniques that I had not encountered in school. Working with Privileged Identity Management, for instance, provided deeper insights into secure access control that went beyond what was covered in my coursework. The real-world application of conditional access policies and the complexities of managing adaptive security measures were new experiences that broadened my understanding of cybersecurity. These practical experiences highlighted the dynamic nature of the field and the importance of continuous learning and adaptation. Overall, the ODU curriculum laid a strong groundwork, and the internship built upon that foundation, reinforcing academic knowledge and introducing new, practical skills and concepts that are crucial for a career in cybersecurity.
Achievement of Internship Objectives
The company where I completed my Information Technology internship, Prosperity Life Insurance, operates in the United States and Canada, with major locations in New York and Roanoke. My internship objectives were to gain hands-on experience, particularly in Active Directory, IT management software, and to develop my technical skills alongside customer service. The internship exceeded my expectations, providing extensive hands-on experience and allowing me to focus on areas of interest. I had the opportunity to work extensively with both Active Directory and Microsoft’s version, Entra ID, which deepened my understanding of identity management. Also, I experience see the full scope of IT operations, from onboarding new hires to handling terminations. This comprehensive exposure reinforced my technical skills and understanding of IT management, effectively fulfilling my learning outcomes and objectives.
Most Motivating and Challenging parts of the internship
The most motivating and exciting aspect of my internship at Prosperity Life Insurance was the opportunity to work hands-on with advanced IT systems and technologies. Gaining experience with Active Directory and Microsoft Entra ID was particularly rewarding, as it allowed me to apply theoretical knowledge in a practical setting. The chance to choose areas of focus and see projects through from start to finish was highly fulfilling. Additionally, being part of a dynamic team and contributing to real-world projects that had a tangible impact on the company’s operations was incredibly motivating. The supportive and collaborative work environment also played a significant role in making the internship an exciting and enriching experience. One of the most discouraging aspects of the internship was encountering bureaucratic hurdles and delays in project approvals. At times, the pace of progress was slower than anticipated due to the need for multiple levels of approval, which sometimes led to frustration. Additionally, dealing with legacy systems that were outdated and prone to malfunctions was challenging and occasionally disheartening. These systems required extra time and effort to troubleshoot and maintain, which sometimes diverted attention from more innovative and engaging tasks.
Recommendations for Future Interns
For future interns at Prosperity Life Insurance, I recommend gaining a solid foundation in network security, identity and access management, and familiarity with tools like Microsoft Entra ID and Active Directory before starting. Understanding basic IT management software and having strong troubleshooting skills will also be beneficial. Additionally, developing good communication and teamwork skills is essential, as the role often requires collaboration with various departments. Being proactive, adaptable, and eager to learn will help you make the most of this internship experience.
Conclusion
Overall, my internship at Prosperity Life Insurance was a transformative experience that significantly enhanced my technical skills and practical understanding of IT operations. It reinforced my academic learning, introduced me to new concepts, and provided valuable hands-on experience. This internship prepared me for my future in cybersecurity and shaped my professional aspirations, providing a clear direction for my career path. The knowledge and experience gained will undoubtedly influence the remainder of my college time at ODU and my future professional endeavors.
References
https://www.microsoft.com/en-us/windows/windows-11-specifications?r=1
https://learn.microsoft.com/en-us/windows-server/get-started/perform-in-place-upgrade
Leave a Reply