Why I chose Totem Tech
I am currently a sophomore attending Brigham Young University (BYU) and a declared cybersecurity major. Early this year, like many other students, I was eager to find a summer internship in my field of study. I researched a lot of cybersecurity companies with the intent to reach out and see if they had any internship opportunities.
Amidst the sea of companies, I came across the website of Totem Technologies. I was impressed by the way they broke down complex subjects such as Cybersecurity Maturity Model Certification (CMMC), the different standards and regulations DoD contractors need to follow (like NIST 800-171 and DFARS clauses), and how to classify data into categories like Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). They talked about these topics in a way that a budding enthusiast like me could understand. I wanted to work for people who could take my limited knowledge of the industry and help me become a more confident and experienced cybersecurity professional who was better prepared for the next school year.
Fortunately, I landed a spot as the Sales/Engineer Intern and started my internship at Totem Technologies in May of 2023. My days usually started off with morning team meetings where we would go over operations and check in on the current projects we were working on. After that, I would work on assignments like starting a programming project, researching cybersecurity topics, and writing articles about them. I also had the chance to collaborate with colleagues to test software and follow up with new leads to address cybersecurity topics. During the next few months, I got to know the team better while they taught me various cybersecurity principles. I enjoyed it so much that I plan to continue working a limited schedule through the school year.
What is Totem Tech
At Totem Tech, our mission is to help small businesses fulfill their cybersecurity compliance requirements. We simplify cybersecurity through the services we offer to Department of Defense (DoD) contractors, healthcare organizations, local and federal government agencies, colleges and universities, and critical infrastructure stakeholders as well as non-regulated small businesses that are looking to improve their cybersecurity. Some of these services include consulting, assessments, workshops, compliance training and software. This resonated with me, as Totem Tech’s mission and services align perfectly with the experience I was hoping for. I was excited to learn more about cybersecurity and thought it sounded interesting to be involved in the government contracting process.
Team Work
When I met the team, I immediately felt at ease. They were all very friendly, collaborative and encouraging. They were accommodating with my part-time schedule and flexible with allowing me to work remotely. I had a rather lengthy commute which kept me from spending more than a handful of days on-site but through calls and other communication, I still felt very much a part of the team. The days I did get to spend in the office with my coworkers were the best, having a barbecue and playing a little poker are top of my list (still working on my poker face, let’s have a rematch?).
I especially enjoyed being part of a great team and felt an incredible sense of belonging. Totem and its employees exceeded my expectations over the course of the summer. During my first week on the job, they invited me to attend the operations and cybersecurity project meetings. Despite initially feeling like a newcomer with very little to offer, I quickly realized that my input was valued. Throughout months of being part of these meetings with the team, they asked for my opinion on logo options, best choice for an upcoming software release, and how I would address a given cybersecurity concern. They asked me pretty early on if there was a particular area of cybersecurity I was interested in and how the team could help get me more experience in those areas. They were genuinely interested in my growth.
My internship taught me the value of communication. Oftentimes I felt embarrassed about the number of questions I had to ask to complete a project, but it taught me that it is better to ask and do it the right way than to be confused and do it the wrong way. My team was so patient with me as I learned, which gave me the confidence to try new solutions through the learning process.
We often worked as a team on projects which was insightful for me as I looked at the different ways my colleagues addressed a given issue. I learned that collaboration facilitates efficiency and allows us to learn from each other. I also appreciated the trust my team had in me to independently complete tasks; I felt I was a valued member of the Totem team.
From University to work
I am starting my second year of my cybersecurity major at BYU and because of my internship, I feel more confident in my abilities. It has been really fun for me to take the things I have learned in my classes and see how they are used in a real cybersecurity business. My favorite project I worked on this summer was performing engineering and testing on our Zero Client as a Service (ZCaaS) offering. This is a secure enclave for small businesses to affordably handle Controlled Unclassified Information (CUI). I helped prototype and test ZCaaS by developing standalone ZCaaS workstations. The first model I made worked perfectly and offered me the opportunity to deepen my proficiency in Linux and programming skills in PowerShell.
I was frustrated when the second ZCaaS model I was tasked with building wasn’t as simple as the first; I came across several difficulties. The second model was running an updated version of the Fedora operating system that couldn’t connect to Wi-Fi because it didn’t have the right drivers, and I couldn’t manually install those drivers. I couldn’t turn to the older Fedora OS used in the first ZCaaS model, because it had become outdated and therefore was prone to a number of security vulnerabilities. I worked under the direction of Totem’s Lead Cybersecurity Engineer, Adam Austin, to identify if the vulnerabilities within the old Fedora version were significant enough to force us to change our offering.
My research revealed that the older Fedora OS’s current vulnerabilities posed a greater risk of compromise. Since the newer Fedora OS wasn’t compatible with the second ZCaaS model, and the vulnerabilities posed a significant risk to the security of this offering, the decision was made to migrate this offering to the cloud and utilize more resilient and user-friendly services available to us.
I was able to aid in several rounds of testing of this product–something we had discussed in my classes. Getting to be a part of this project gave me the real-world experience that brought my studies to life. I loved getting to have a small part in ZCaaS. I witnessed it through all of its different stages, from development and testing to its marketing and branding. This project taught me the importance of being adaptable when faced with unexpected challenges. My problem-solving and communication skills improved as I worked through a real-world application of the programming concepts I had been learning in school.
Key Takeaways
Totem was an amazing place to get hands-on internship experience in the cybersecurity industry. Working alongside experienced engineers really built my confidence. Looking back on the summer, I feel so fortunate to have found an environment that facilitated so much growth for me. I was mentored by the best of the best and will take what I learned from the past few months and apply it to my upcoming school year and the rest of my career.
I cannot measure the impact this internship had on me. I highly recommend that cybersecurity professionals or students eager to learn and contribute to the ever-evolving cybersecurity world get in touch with Totem Tech. Explore opportunities to collaborate, learn and participate in tech!
-Nina Pettit
