Many wonder what it is we IMLP's actually do on program each rotation. And in light of that curiosity, I'd like to share some top secret information regarding what I currently do at NBCU for my first rotation.

Well, it's not actually top secret per se, however what I am working on does deal with security, which is a very important part of every business. I'm not actually working on one project either - technically I have four, all of which fall within the Information Security and Governance category.

1. Application Security: What I'm doing here involves how we test all the NBCU web applications and websites for vulnerabilities in the code structure, both internal and external-facing. My job is to evaluate a new piece of software to use to scan our sites, do testing, develop a pilot program to test the software in production and create training material, and then to roll out the new software if time allows.

2. Broadcast Security/WSUS: This one is fun, and challenging. The broadcast environment (anyone/anything involved in sending TV signals out to the public) is like their own little island. They don't like to be touched, especially during what we call "freezes" like Sweeps week, or a news break like MJ's death. The trick here for me is that this environment, because of the need to stay secluded and untouched, doesn't meet the patching standards for the rest of NBCU and falls outside NBCU security standards. My job is to implement a new WSUS server within the broadcast environment and configure the updating of patches so as not to interfere with the delicate work flow of the broadcast environment. It's a lot harder then it sounds, especially when patching requires reboots of machines, and Broadcast says that they can't have their PCs rebooting.

3. Broadcast Firewall Audit: Ah, the Broadcast environment. So much fun. This time the issue is with firewall rules. The problem is whenever Broadcast needs to allow an application through the firewall through specific ports and rules such as FTPing or UDP, they tend to ask for more ports than they need, and once the application is done, sometimes we don't close up the ports. So over time the firewalls for the broadcast environment have become "swisscheesed." I am in charge of determining which ports and rules can be closed and deleted, and helping with developing a new standard for the rules request process to keep this from happening again.

4. Data Loss Prevention (DLP): This one is the most rewarding, I think, due to the fact that it is cross-business. By cross-business I mean DLP is a security initiative being implemented across all of GE, and not just NBCU. DLP is exactly what it sounds like. Its a means of monitoring and preventing the traffic of critical data in and out of the GE network. It helps to prevent material being sent to the wrong people or getting leaked to the public, and I am leading the testing of our DLP software within NBCU.

Oh yes, I'm pretty busy.

What's nice, though, is the amount of exposure I get from working on four different projects across all the GE businesses. You'll hear this a lot at GE, but exposure is very important, and in a company as large as GE, making a good name for yourself will help you in the long run.