Categories
Uncategorized

Aaron Brock, The Sound of Success

AAron brock

Aaron Brock, The Sound of Success

As the nation’s largest minority — comprising almost 50 million individuals — people with disabilities contribute to workplace diversity. They help businesses address challenges through varied perspectives and enhance their competitive edge. At Nolij, we work to ensure people with different skills, abilities and communication styles are integrated into our workforce and customer base.

Aaron Brock, a senior analyst, is a leader in Nolij Consulting’s Development Test and Evaluation team and supports our IT and cybersecurity strategies. Oh yeah, he also happens to be deaf.

Were you born deaf? How did you learn to navigate school and the world without your hearing at an early age?

“I became deaf at two years old from spinal meningitis which damaged my vestibular nerves that impaired my ability to hear sound. I was blessed to learn sign language at a very young age and attended ASL-based schools. I attended the Model Secondary School for the Deaf. I received my Bachelor of Science in Computer Science from Gallaudet University, the only liberal arts institution in the world for the deaf and hard of hearing. After graduating from college, I went into Defense Health Information Management System.”

What are some of the daily challenges you encounter at work, and how do you deal with them?

“As a deaf person, I have never felt disabled. I have gained so much from my deafness, much more than I’ve ‘lost.’ We, as deaf people, call it ‘deaf gain’ or the ability to communicate without sound. Communication is always a challenge in the workplace because of meetings. In a sound-driven culture, people are often talking over each other. In many respects, deaf people are better communicators because we talk one at a time—sequentially. We can stay focused on the interaction without being disconnected. Deaf communication culture allows me to educate others on an alternate form of communication because people often forget the barrier that exists between us – my deafness or their inability to sign.”

How did you become interested in IT?

“My father influenced my interest in Information Technology. He worked as an engineer for AT&T and always brought his work home. I was around computers before it was cool. Along the way, I met a software developer who further drove my interest in computer science and software engineering. My initial work experience in IT was in Video Relay Service that provides ASL interpreting services for the deaf. Eleven years later, Nolij has expanded my technical skills by entrusting me to lead key projects. My colleagues are very accommodating– I’m lucky to be working with such a great group of people.” 

What are your interests, hobbies, aspirations?

“I enjoy cycling and playing video games. I am engaged and have two children and four cats. I volunteer at the Metro Washington Association for the DeafBlind doing some web development and IT support.”

What advice would you share with others who also have challenges that most of the population does not?

“Don’t view your disability as a challenge but something you can gain from. I am deaf, but I gained the ability to communicate without sound. You’d be surprised how accommodating people can be when you’re open about challenges you have in any aspect of your life.”
Categories
Uncategorized

Nolij has been named a #MoxieAwardDC finalist for being bold in business!

moxieawards 2021

Nolij has been named a #MoxieAwardDC finalist for being bold in business!

Moxie Award recognizes organizations for having demonstrated boldness and innovation as an integral part of their growth strategy.

“Nolij is pleased to have been named a finalist in the 2021 Moxie Award,” said Ashley Mehta, President & CEO.

“I want to congratulate our team for enabling us to be recognized among the boldest and most innovative organizations in the D.C. metro community,” Mehta said.

Finalists were recently announced by Katie Jordan, the 2021 Moxie Award chair.

“This year’s finalists truly represent the spirit of Moxie and we are excited to help tell the stories of how they have navigated the past year,” Jordan said. “We look forward to revealing the winners at the 2021 Moxie Award celebration on Oct. 13, 2021, at The Ritz-Carlton in Tysons Corner.”

A complete list of finalists can be found at https://moxieaward.com

Categories
Insight

Sim Swapping: It’s Not as Fun as It Sounds

cybersecurity

Sim Swapping: It’s Not as Fun as It Sounds

Cybersecurity continues to dominate IT news, with one of the industry’s premier cybersecurity companies, FireEye, getting breached recently by nation-state hackers from a country with “top-tier offensive capabilities.” How can organizations protect themselves from bad actors when security companies struggle to? Having implemented some of the most stringent cybersecurity protocols for the Department of Defense, our experience has proven that a wide range of authentication solutions from short message service (SMS) and two-factor authentication (2FA) to true multifactor authentication (MFA) using hardware tokens can protect your enterprise from cyber criminals. That said, it is important to understand that all authentication, using SMS or not, is ultimately “hackable.” The level of effort required to execute a successful attack, and whether a capable adversary is motivated to execute it, is what determines if your data will be safe.

Despite appearing like simple fixes, 2FA and MFA have proven to be effective methods to prevent breaches while complying with industry and government standards such as CMMC and HIPAA. When choosing an MFA option, there are multiple factors to consider and, as with all cybersecurity options, decisions are based on a risk/benefit analysis. Authentication “factors” are broken down into three types of information the user provides: something they know (username and password), something they are (biometrics) or something they have (a hardware token). If two of these types of factors (2FA) are used, it makes for a strong protocol. If all three factors (MFA) are used, the greatest protection is achieved.

When implementing MFA, SMS based options are very attractive based on their ease of use, simple implementation, and low cost because SMS is standardized across the telecom industry and used by anyone with a smartphone. SMS 2FA sends a one-time password (OTP) to a user’s cellphone, which serves as the “something you have.” The problem with SMS 2FA is that an adversary can easily pretend to have your cell phone using a technique called Subscriber Identity Module (SIM) swapping. In the past, SIM cards were physical hardware that served as the identity of a phone. Today, SIM cards are represented digitally and can be transferred from phone to phone with little more than a phone call to the cellular provider. Using a combination of social engineering and phishing attacks, an adversary can impersonate a target’s SIM card and authenticate using the texted OTP.

It is helpful to look at the types of attacks used to beat SMS 2FA. The most common technical attacks involve session hijacking. An adversary will attempt to steal a session token by intercepting communications from the victim. This is known as a Man-in-the-Middle (MITM) attack. Also, if an attacker has access to an endpoint, known as Man-in-the-Endpoint (MITE), stealing session cookies is insignificant because the attacker has full control to execute any attack at his disposal. Understanding how adversaries will often use the path of least resistance is critical to businesses. In this regard, phishing and social engineering are the greatest risk to SMS 2FA. Simply by learning the target’s cellphone number, email, and some other identifying information, an attacker can call the victim’s service provider and transfer the target’s SIM information to their device.

The key to enterprise security is working with a partner who has the experience necessary to navigate risk-based decisions such as the use of SMS for 2FA. Nolij helps organizations prevent these attacks by explaining how these tactics are used, the precautions needed to mitigate the attacks, and by providing consistent phishing training to staff. For example, the best practice to decreasing any SMS swapping attacks is not to include a cell phone used for authentication messages in the email signature block. If attackers do not know your number, they cannot impersonate you. Additionally, using an authenticator app is a good solution because it requires an attacker to have physical access to a device. In cybersecurity, the goal is not to find a perfect solution, but to make hacking a system more trouble than it is worth. If a high degree of technical knowledge is necessary to conduct an attack, it may deter bad actors from trying at all. As the saying goes, “An ounce of prevention is worth a pound of cure.” 

Categories
Leadership Thoughts

Partnerships Are a Path to Success

partnership blog by ashley mehta

Partnerships Are a Path to Success

At Nolij, we value our partnerships. As a woman-owned business, strategic business partnerships have enabled Nolij to grow our customer base, improve our business and expand our service offerings. But before entering a partnership, you must ask yourself what the purpose is in forming a business relationship. Besides gaining new customers, there are many reasons why a small business enters a partnership: reach a new market, access to new products, strengthen a vulnerability or brand alignment. In the case of Nolij, we have successful professional relationships with consulting firms to win contracts, solve technology and business problems and expand service capabilities.

There are many types of partnerships, at varying levels, that help organizations grow and succeed. For example, we have relationships with service-based organizations, product providers and other consultancies to form joint ventures. We also partner with business process outsourcing companies (BPOs), like Paylocity, Cigna, and PB Mares, that provide operational support to Nolij. BPOs are invaluable and free up executive management to focus on business operations, strategy and customers. Despite the different types of partnerships, they are united by a similar customer profile.

Nolij has recently formed three new joint ventures to expand service offerings to our customers. Our joint ventures capitalize on synergies and bring together under one roof leading-edge emerging technologies that create economies of scale, efficiency, and security for our customers. Joint ventures and partnerships in general benefit all parties involved in that partners complement each other’s capabilities while saving customers time and expense. For example, through a successful partnership with a parallel IT consultancy, Nolij was able to implement an artificial intelligence contract tool for the Department of Health and Human Services (HHS) to transform its procurement processes and save millions in costs across the enterprise.

For each of our projects across different verticals, program offices and agencies, we form a pool of partners where our combined diverse capabilities best serve the needs of our clients. For the Department of Defense’s large-scale multi-year electronic health record (EHR) modernization project, we partnered with product solutions companies that brought added value. Nolij and our partners worked in tandem to modernize the EHR system, optimize workflows, create innovative ways for the system to communicate, and improve the continuum of patient care. In working with Department of Homeland Security clients, we leveraged our skills, in conjunction with automation products from partners, to enhance the Custom Border Protections systems. Our partner philosophy allowed this agency to dramatically improve and strengthen its automation testing skills.

A very important element in any partnership is the ability to deliver. Nolij works with many subcontractors, whether they are minority, veteran, or women-owned companies, that have the credentials, skills and maturity needed to help win a contract and successfully complete a project. Once a partnership is launched, it is crucial to honor contractual agreements.

Throughout our nine years, we have enjoyed effective partnerships that have been founded on mutual respect, transparency and honesty. Every day we continue to collaborate, be open- minded, flexible and fair with our teaming partners. At the end of a project, it is gratifying to celebrate success jointly with our colleagues and recognize each team’s strengths. 

Categories
Uncategorized

Voices of Nolij: Celebrating Women’s History Month

Ona Dashpuntsag

Voices of Nolij: Celebrating Women’s History Month

In celebration of Women’s History Month, Nolij would like to acknowledge and honor the extraordinary women who keep our company growing year after year. Ona Dashpuntsag, a Human Resources Manager, exemplifies every courageous woman who follows her dreams and is undeterred by challenges. Thank you Ona for making the brave journey from Mongolia and making Nolij a much richer place.

“I belong to one of the last nomadic groups in the world, and I have always wanted to travel the world to explore and learn. When I was 19 years old, I decided to move to the United States to pursue better opportunities. Coming from a society where multigenerational families live together, and young women don’t usually leave home until marriage, I had to be strong and self-reliant. It was a difficult transition moving to a new county, learning a new language, and adapting to a new culture and society. Growing up, I dreamed of America as a magical place of freedom, prosperity, and full of opportunities. America has lived up to my hopes and fulfilled its promise that hard work, talent, resourcefulness, and initiative get rewarded. I could not see my family in Mongolia for the first six years, but I was fortunate enough to meet many wonderful people at Nolij who made me feel at home. Nolij has helped me to become the person I am today. I joined Nolij in 2015 as an intern supporting the HR team, and I am currently an HR Manager and oversee benefit administration, payroll, onboarding, and offboarding. Like my fellow Americans, I am hopeful and continue to focus on what the future will bring.” 

Ona Dashpuntsag
Human Resources Manager

Categories
Uncategorized

Voices of Nolij: Celebrating Women’s History Month

Voices of Nolij: Celebrating Women’s History Month

In celebration of Women’s History Month, Nolij would like to acknowledge and honor the extraordinary women who keep our company growing year after year. Jodi Kim, a junior software tester, exemplifies every remarkable woman who has a story to tell and gifts to share with the world. Thank you Jodi for your dedication and contributions.

“As a first generation Korean-American, I have inherited a strong work ethic from my parents and grandparents who emigrated from Seoul. When they came to the US, my grandparents initially struggled a great deal before they started a dry cleaning business and instilled this spirit of perseverance in my mother and me. My mother, despite being over-shadowed in a largely male-dominated field for years, now heads her own government contracting IT consultancy. I am fortunate to have started my career at Nolij because I am actively mentored, my opinions are respected and my voice matters. In fact, working in IT has led me to change my career path from health sciences, my college major, to technology and follow in my mother’s footsteps.”

Jody Kim
Junior Software Tester

Categories
Insight

Nolij Overcomes Network Hurdles to Make Medical Systems Work Anywhere at Anytime

Nolij Overcomes Network Hurdles to Make Medical Systems Work Anywhere at Anytime

After completion of a successful project for the Department of Defense, the Nolij contracting officer remarked, “I cannot believe you solved this problem. This is huge!”  What problem did Nolij solve? Nolij had successfully ensured that data moved consistently across an array of gear, equipment and multidomain networks, such as mobile phones and satellites, in different warzone situations. This would allow the US military to provide reliable medical service across the continuum of care to soldiers as they move from the field, to Humvee, helicopter and onto command post hospitals in battlefield situations.

How did Nolij resolve the glitches in DOD’s communication networks? First, Nolij found that the military’s applications and systems were not being rigorously and thoroughly tested with the actual communication equipment used on the field during the development life cycle. For software to be reliable, it requires comprehensive testing in a “real-life” simulated operational testing environment that takes into consideration all possible scenarios and system constraints prior to deployment. This oversight during testing led to the health systems failing when deployed due to the operational environment never being introduced until it was released; thereby, causing a multitude of problems during software deployment such as tactical system failures.

Second, Nolij created a “real life” simulated operation testing environment by leveraging the Joint Network Emulator (JNE), a proprietary communications
simulation and network emulator jointly developed by DoD and EXata, that lets you evaluate on-the-move communication networks quickly and realistically. Our engineers worked with the armed services to emulate a soldier’s treatment in a warzone in different battlefield situations. Our team of system and test engineers then began to configure the JNE emulation package with all the environmental and system constraints we had discovered. After configuring JNE we then tied our emulation to our onsite network equipment, allowing us to test software in the intended deployed environment.

Third, we first ran our EXata environment on a mobile health application. The results were outstanding and the team was able to identify with precision where the software was failing or having integration issues. This knowledge demonstrated software behavior to our clients before it was shared with the development team. This allowed developers to begin mitigating problems while the testing was still occurring, which led to a faster feedback loop. For the first time in Military Health System history, software was being tested within the operational environmental situation and configuration as it exists in the field.

Since the successful deployment of this multidomain battlefield network simulation, Nolij has perfected their EXata expertise to deliver superior testing
environments to help clients resolve difficult technology challenges.

Categories
Leadership Thoughts

Social Media Handles Rock For Federal Consulting Businesses And Why You Should Think So Too

Social Media Handles Rock For Federal Consulting Businesses
Social Media Handles Rock For Federal Consulting

Social Media Handles Rock For Federal Consulting Businesses And Why You Should Think So Too

Covid struck, and Nolij transitioned to virtual work overnight. I thought, “How do we stay connected to our clients, prospective clients, teaming partners, and employees in a virtual environment?” Traditionally, in the federal consulting world, consulting businesses try to get in front of clients and teaming partners through scheduled in-person meetings or industry events and connect via emails for specific opportunities. I thought. “How do we show that Nolij is an authentic woman-ran consulting business, we value our partners, we are committed to delivering excellence to our clients, and are at the forefront of emerging technologies? How do we build trust, loyalty, and a strong brand as a health IT woman-owned consulting business?” Meeting in person has its charm and value, and while I look forward to doing it once more, I’m learning there are other avenues to build our brand and make connections.

Our answer was to dedicate more resources, energy, and time to branding Nolij on various social media handles. Nolij hired a marketing consulting company and a full-time social media consultant. Even though we have these professional resources, our employees also play a large role in the process. It is a time-consuming effort to get the marketing going, but with more experience and time, we hope this process becomes easier, and we build a solid following that values our posts.

Today we are active on LinkedIn, Twitter, Instagram, Facebook, and Glassdoor. It is a lot of fun communicating the great work that our employees do every day. It is a time to boast and brag, and genuinely enjoy our existing relationships and develop new ones.

For people curious about what we’ve learned along the way, we’ve highlighted a few lessons learned.

  • The power of a quick read is essential for increasing views and shares. Today’s busy business professional wants to cut to the heart of an article in a very short amount of time. We discovered that our 1–2-minute blogs and articles create more traffic than our longer 5-minute reads. For example, our one-minute read, “Employees are the Heart of Nolij”  received the most page views in the shortest period.
  • Videos drive traffic to make connections! We found that short videos with creative content incorporating a strategic message maximize the numbers of views, likes, comments, and shares. For example, our EHR video received over 1,000 views on LinkedIn within a few days.
  • Blog topics matter! Timely and relevant topics that address today’s unique challenges generated higher traffic patterns than general topics. We have discovered that relevant blogs increase traffic to our website creating new opportunities for connections. For example, my blog “Secrets to Success-for-Female-Founders had the highest average time spent on a page.
  • People love a laugh, mix it up a little too… don’t always be serious. Christmas Eve, I sent out a video of a lady downing red wine, and my caption was “I’m not ready for Christmas!”. A friend of mine sent it to me, and I thought it would be funny to post it during Covid times. Needless to say, my funny friend got me 1,000 impressions within a few days on LinkedIn.

I am hoping more CEO’s and businesses in federal consulting follow suit. Writing meaningful content that both educates and allows companies like Nolij to get to know them better. It is more important than ever during Covid times to use Social Media.