I’ve written on this subject several times but it’s so important I find myself coming back to it.
Last weeks global WannaCry ransomware crisis affected tens of thousands of computer systems in approximately 104 countries and has been touted as one of the biggest cyber attacks ever. What’s astounding is the fact that the patch to prevent the attack was made available for download three weeks ago. If I were the IT manager of any of the affected companies I’d be very ashamed of myself right now.
So, forgive me if I sing the same song again. Fingers are already being pointed, people will be blamed and either disciplined or dismissed. Procedures will be changed and I’m afraid, it will all happen again.
But in every crisis, is an opportunity. This is why you must be trained and prepared in all the basics (outlined below). If I were still freelancing, I’d have an advert in the local papers offering to scan systems for local businesses for vulnerabilities and add extra charges for any configuration changes if required. Everything you need to know is in easy certifications such as CompTIA Security+ and MTA Security. $200 per check and if I only did 10 per week I would be netting $8,000 monthly!
So, here is my recommended plan and steps for any IT person. Of course, you may want to specialise further down the track, but if you don’t have a strong base, then you will forever have a weakness in your skill set.
Start with the basics – CompTIA Network+ which covers cabling, TCP/IP, routing, wireless, security basics, troubleshooting, and virtualization. The Network+ is a must-have for every government department and recognized my most blue chip companies.
Move onto networking next. As a bare minimum, consider the Cisco CCNA which covers IP addressing, routing protocols, BGP, WAN, IP protocols, VLANs and STP, NAT, securing network devices, QoS and much more. Each topic is covered in far greater detail in the Cisco CCNP which consists of three hard exams but will make you a very capable network engineer. Other vendors such as Juniper offer equivalent exams but focusing on their equipment of course.
I also strongly recommend you take the Wireshark Certified Network Analyst course. It will really help you understand TCP/IP in great detail and also teach you how to operate a packet capture tool which will prove invaluable when it comes to troubleshooting.
Next, cover cloud computing. You will already be using it no doubt, but due to the cost benefits, security, rapid expansion and deployment make this a no-brainer for 99% of companies. Look at the Amazon Cloud Certifications or Google or start with CompTIA Cloud Essentials if you want to just dip into it.
Closely related to cloud computing is virtualization. It offers the capability to run many virtual devices including servers, firewalls, switches, etc. off one physical device. Along with cloud computing, it’s a no-brainer. Look at VMWare certifications or NetApp.
IPv6 is also another must-have. It’s already here and yet most IT people I meet are pretending it isn’t coming. This is a big mistake. If you can understand IPv4 addressing you can understand IPv6 and in many ways, it’s easier. There are a few vendor neutral certifications out there but most are theory only and only look at server side configurations. Look at the Certified IPv6 Network Associate course I created to fill the gap in the market.
Security was mentioned at the start of this blog post. It’s one of the other foundations of your IT knowledge. You need at a minimum to understand threat types for computers, mobile devices and network devices. Learn about VPNs and how to configure devices for SSH only access, cryptography and threat mitigation. Consider the CompTIA Security+ as a bare minimum.
Lastly, some sort of project management or IT process skills will round of your understanding of how IT plugs into the business as a whole. Adding these stills to your technical knowledge will open all sort of doors for you. Consider the CompTIA Project+ or ITIL Foundation.
It's Not Easy
I know all of this sounds like a lot of work but the alternative is to become deskilled and unemployable. Set your sights at taking one exam every quarter giving you four valuable certs per year. Most IT people barely take one so you will be well ahead of the game.
Your IT career may well last several decades. It’s far more rewarding and enjoyable if you are always learning new stuff and taking on new roles for new companies. They pay is much higher for certified individuals and you are a much lower risk of being made redundant if your skills and experience are in demand by the market.