Tim Park

Infrastructure Systems Engineer – Operational Security (Allianz Technology)

Tim, could you give us a brief overview of what a day-in-the-life of an Infrastructure Systems Engineer looks like at Allianz Partners?

My day usually starts by checking for any alerts and vulnerabilities that have been listed overnight to determine if these pose a threat to Allianz Partners, then doing the necessary work to remediate the issue.

After that, it is a mixture of data gathering, data analysis, troubleshooting, planning and executing changes, and building more secure environments.

What do you enjoy the most about working within the Infrastructure team?

There are 3 things that I enjoy most about working within the Infrastructure team: 

  1. The team environment. The local IT teams work amazingly well together. Everyone is helpful and wants to make positive impact on the environment.
  2. Always learning. I am always learning something new.  Whether it is learning about a new vulnerability that has been found or a new technology that we are implementing.
  3. The opportunity to be creative. I enjoy that I have room to be creative in my role.  Creating new solutions and automation tasks helps to keep my role interesting.

Could you share with us one of your greatest professional achievements since working with Allianz Partners?

When I think back on 2020, I think the greatest achievement is one that I only played a small part in and that was setting up the business to work remotely.

The whole Allianz team came together to mobilise an entire workforce to work from home.  An amazing amount of work from so many people and I was proud to play a part in that achievement.  

I am also personally proud of the number of major changes and large body of security work that I have accomplished in the last 12 months, to improve the security of Allianz Partners. 

With reference to Safer Internet Day on the 9th of February 2021, as a Security expert, what advice would you pass to others in order to navigate the internet safely?

Security is about reducing your attack vectors and hence reducing your risk. To start with everyone should focus on 3 things:  account security; be suspicious of all documents and links in emails, and protect your devices. 

When talking about account security, we want to use long complex and unique passwords.  Setting up multifactor authentication (MFA) whenever available will be a big help.  Doing these things will make it harder for brute force attacks and if one account is compromised then having unique passwords and MFA will make it harder for the attacker to access your other accounts.  Unique passwords should be completely different and not a standard password that changes some of the characters.  The question everyone asks now is how do you remember or track all those passwords. This can be done effortlessly using an encrypted password database.  There are a number of companies that provide this service.  When using one of these services, set a long complex password and then this is the only password that you ever need to remember.

Most attacks these days start with a phishing email.  The intent of the attacker is to get you to click on a link or open a malicious document.  Be suspicious of anyone sending you links or documents.  This can even come from a known contact that has been comprised.  If something does not seem right then don’t open that document or click on that link.

Make sure you protect all your devices, including your phone, with antivirus software.  This will give you a basic level of protection for your device.  Also, don’t use free public Wi-Fi. You don’t know who is listening on this network and capturing your information.