Tag: commentary

Posted on

Privacy Matters

By now you’ve all heard about GDPR and how it affects just about everything you do with data. The sad thing about it is that the bulk of it is really all common sense when it comes to the use of Personally Identifiable Information (PII). Of course, we all know that common sense isn’t very common either…

I received an email from a recruiter the other day which brought privacy matters back into my mind again. I’m used to getting various emails with all sorts of different job opportunities or even just introductions. This one though caught my attention. It wasn’t the email content, or the job opportunity (it was actually saying that there were possibly multiple openings all over the place and I could pick and choose), or even the awful formatting that it was in (please stop copying content from Word, complete with random bolding and highlighting, into your emails without reformatting it!). It was the email distribution list. Instead of relying on an email service, or even adding multiple emails in the BCC line, this recruiter added 207 emails to the CC line…

Is my email PII? The US Department of Labor says it is (and the EU’s GDPR legislation agrees).

Further, PII is defined as information: (i) that directly identifies an individual (e.g., name, address, social security number or other identifying number or code, telephone number, email address, etc.) or (ii) by which an agency intends to identify specific individuals in conjunction with other data elements, i.e., indirect identification.
– US Department of Labor

I emailed this recruiter back, chided them for not respecting my privacy, and due to that requested that they remove me from their system and to never contact me as since I could not trust them with something as simple as an email address, how could I trust them with client confidentiality and any other information I might give them? I did get an apology from them along with a promise to remove me. Who knows if they really deleted me or not…

I know I was making a bit of a mountain out of a molehill. At the very least, it could have turned into another Replyallcalypse with a flurry of resumes and queries going out to everyone. Worse would be someone using that list of CC’d emails to attempt to access our various professional and social accounts and such. Enough of the speculation though. After all, common sense says that “this information wasn’t meant for me, so I should ignore and delete it.” Right?

As an engineer, privacy is critical. You should only be looking at the specific data you need to complete your task (such as fixing a bug that happens only to User X). If you’re using data to achieve a larger task in the system, you should only be referencing the data you need for the task (no more “SELECT *” SQL).

As a manager, privacy is no less important. You’re the next layer of privacy defense, helping to ensure that your team is producing privacy compliant software, regardless of if it is GDPR, HIPAA, PII, or just plain common sense.

Avoid The Replyallcalypse and keep your employees’ and customers’ data safe; only use what you need, when you need it, and avoid the CC field at all costs. You don’t want data loss to be yor folt

Posted on

The God Complex

When was the last time you walked on water or turned water in to wine? You haven’t? Are you sure? Because that “holier than thou” attitude you just gave the Product Owner over why that task couldn’t be done said otherwise.

Why do so many engineers insist on thinking that they’re better than their non-technical counterparts on the team? I’ve seen it time and time again (and quite honestly back in the day was a little guilty of it myself).

There’s nothing wrong with being proud of the knowledge and skills you have as an engineer. It’s true that not everyone has them. At the same time though, it’s not acceptable to hide behind the curtain of knowledge and give some hokey answer as to why something can’t be done. I don’t know how many times I’ve heard one of the following:

  • The system can’t do that
  • That’s a major undertaking that will take too long
  • The user is doing it wrong
  • It’s not my problem
  • It can’t be done

You know, with the right explanation, any one of those could be a valid reason. Yes, even the “It’s not my problem” one is valid. You just need to have a very formal process and clearly defined division of roles and responsibilities to be able to get away with using it. Even then, you should always offer up what individual or department is responsible.

If you’re pushing back because the user is doing something wrong with your perfect code it’s time to reevaluate your test cases and edge scenarios. It’s possible that the issue could be resolved with a little UX help to make things more obvious to the end user, but even then, they obviously did something that you didn’t expect them to do. It’s time to suck it up and admit that your code wasn’t as perfect as you thought it was. Now go write some unit tests to cover this new scenario and write some code make those tests pass. While you’re at it, talk to the QA team and your Product Owner and see if you can come up with a few other potential edge cases to handle. If your users found one, odds are they’ll find another.

Claiming the system can’t do something or that the change will take way too much work to do are similar in nature and can be handled the same without coming across too high and mighty. Let’s face it, some requests really can’t be done easily with the current code base and language or the current system architecture. If that’s truly the case, than come out and explain why it’s the case.

As a manager, there’s nothing I liked more than having an engineer tell me that something would take too long to do or that it would break the current system with no better explanation than that. I’d have lunch at my desk, or do a little work that night, and turn around and send a branch of code to the developer with the solution the next day. Please, don’t tell me something will take weeks to complete when I can solve it in two hours while watching a bad movie.

The worst offender in that list is “It can’t be done.” Odds are you’re not being asked to do quantum computing on an old 386 desktop computer, which would truly qualify for that statement. I’ve heard “It can’t be done” more often than not when it’s something that can be done, but the engineer doesn’t know how to right away, or has never done it before. If you hear “it can’t be done,” push back and ask if it can’t be done or if they just don’t know how to do it. Chances are they’ve never done it or don’t know how to do it and are afraid to come out and admit that hole in their knowledge and lose the mystique surrounding what they do.

Of course, sometimes the entire reason behind any one of the “excuses” is really just that; an excuse used to try and hide the engineer’s laziness. If they’re just being lazy and don’t want to do it, that’s a whole different issue…

As engineers, we need to stop trying to cover up our short comings with cocky attitudes. We need to admit where we are lacking and seek the knowledge (and assistance) whenever possible. We need to give sound reasons to back up our statements, especially when they are deemed negative by the rest of the organization. If we want to be the gods of the organization, we need to do it with humility and helpfulness and have others bestow the title on us. We cannot do it just because we think we’re good enough or, worse still, better than everyone else.

Further Reading

Programmer Culture and the God Complex

Posted on

Hiring a Ruby on Rails Developer

One of the biggest challenges I’ve run in to as a manager is writing the right job description for the right job title. Get that right, and suddenly the right candidates appear in your inbox (well, at least you’ve got a better chance of getting the right candidates the first time). That being said, let’s presume you’re looking to hire a Ruby on Rails developer. Maybe it’s for a new department or project, maybe it’s to augment an existing team. Either way, there’s three levels (in my mind at least) for a Rails developer. So what are the levels/titles and their qualifications?

Junior or Entry Level Developer

These are the new developers. Call them “entry level” if you will, as that’s what they are, entering the workforce. They’re generally fresh out of school, or they’ve just finished up a coding boot camp and are looking to change careers. Either way, odds are they’ll be great to augment an existing team, especially if it’s a well established team which enforces code reviews. Using the power of the code review to help them learn the nuances of the system and the enforce good coding practices (you did write tests and they do pass, right?) will help them quickly become a solid developer.

At this level you should be looking for someone with under a year of experience, but who has taken classes in the subject and can answer high level questions about the language itself. You’ll want to know that they have a firm grasp of the MVC (Model-View-Controller) architecture that Rails uses. Throw them a coding challenge if you must, but keep it simple, and look for well commented code with simple logic. Trust me, you’ll know if they head off in to the weeds on this.

On a side note here, I’ve taught a few boot camp classes, and some of the students who came out of it were pretty darn good. I tried to “sell” one of my students to a recruiter, who then told me that none of his clients would look at a some for a junior developer position unless they had at least two years of experience in the language. That’s pretty harsh and short sighted in my opinion. If these guys had two years of experience they wouldn’t be junior level!

Mid-Level Developer

To me, this is probably about 70% of the developers out there. They’ve got about two to five years of experience with the language, have probably gained their experience in at least two different companies, and are able to code just about any challenge you throw at them. They may or may not have exposure to multiple databases, but that shouldn’t matter.

They should be comfortable with SQL in general, and should be able to speak a little to the NoSQL side of things (which is pretty much just key-value document storage, so if they’re comfortable around JSON, they’re good to go in that arena, especially if they’re augmenting an existing team). Speaking of data and databases, can they adequately explain when you should consider using seed data, and what the pitfalls of it can be?

Ask about their testing habits. Are they strict about TDD (Test Driven Development)? Do they at least ensure that there are tests for the code they write, regardless of where in the process they write the tests? Ask about their preferred testing languages and why (don’t worry if it doesn’t match what you already use, they’ll adapt).

One key item I would look for here is how comfortable they are in the console. Can they use the Rails Console for debugging purposes? Being able to run around within the console to verify and debug things is a critical skill. Beyond just the Rails Console, do they use the Interactive Ruby shell (IRB?)  I’ve found that sometimes it’s helpful to just jump in a test a theory without having to worry about the rest of the Rails project.

Mid-level developers are great for augmenting existing teams as well as starting up new ones. They can generally hit the ground running after a few days of looking at the code base and can be a productive member of the team in just a few Sprints.  At the same time, they’re perfect for starting a new team if you already have a well documented project, and possibly a software architect who has given an initial thumbs up to the project.

Senior or Lead Developer

Here’s where it gets tricky. At this point it’s not just about how long you’ve been programming in Ruby on Rails. You could easily say that anyone with over five years of experience could be considered a senior level developer. However, it’s more than just the experience level. How much are the willing to help guide the other members of the team? Do they look at the junior developers and see potential and help them to learn and grow? Or do they just sit by and let them struggle? I’ve known some developers who have over a dozen years of experience, but have no drive to help anyone on the team other than themselves. Those guys will never be senior level in my mind. I’ve met others though who are such team players, and such leaders within the organization that they naturally fall in to a senior level even though they’ve only been doing something for three years. I’d be willing to hire someone with only three or four years of experience but shows solid leadership skills over someone with seven years of experience who is more interested in just getting the minimal amount of work done and just collects a paycheck.

These are developers who help make the product owners make decisions when they have questions over if a feature is feasible within the requested time frame. They can help to scope projects because they know what everyone on their team is capable of achieving. They push the other team members to become better. With the right senior developer on the team, the results you get from the team will truly be greater than the sum of the parts.

A senior level developer is perfect for helping get a new project off the ground. They can help make the right choices in the beginning of the project, and will quickly know where they will need the most help within that project, so you know what skills you need to hire in next.

They’re also perfect if you find that you have an existing team that seems to always be struggling to fully deliver. Let the senior developer come in and help try and correct any bad habits that your current team has. Have them help coach the team while they help pull the project across the finish line.

The Ideal Team

If I had to start a new, large project from scratch, I’d look for a four person team. I’d start with one senior level, lead developer. Once they are able to help analyze the project I would have them give their recommendations as to if we needed three mid-level developers, or if we could do a combination of mid-level and junior developers.

If I was augmenting an existing team, I’d look at the current needs of the team and the seniority levels of the existing members to determine what I needed. I know that this answer is a little more vague than all the rest, but it really does depend on the skills and needs of the team as to if you bring someone junior in to train them, or someone more senior to help grow the team for you.

Posted on

Welcome to Geek 2 Man

As a software engineer, scrum master, and, in my humble opinion, generally intelligent guy, I have often found myself sitting in meetings thinking, “I could do that.” and on a few other occasions, thinking to myself, “What in the world is that manager thinking?” And so my quest to leave development and enter the magical, mystical realm of management began.

This site exists for several reasons.

Think of this as a diary

This isn’t some super secret diary with a lock on it stashed away in the night stand. While it might do me some good to have one of those, it won’t server the full purpose: dialog. Let me get me thoughts out, and in exchange for reading my diary, I hope some of you will respond back with your thoughts. Tell me I’m nuts. Tell me you agree with me. Either way, ideas can’t grow or help others without the open dialog.

I like to tell stories

I’ve heard lots of great analogies over the years. Quite a few were stories when I first heard them. Others were just good ideas that then were turned in to parables (of sorts…) when I explained them to others. So why not share?

Consulting

OK, yes, there is an ulterior motive here… I’d like to think that some of my thoughts are good enough, or important enough, or even just entertaining enough, that maybe someone out there wants to pay me to use those ideas. Maybe that’s a speaking engagement. Or maybe it’s just for help with instigating change within their organization. Or maybe I’m just so darn handsome. The sky is the limit with what I can accomplish and what I believe I can help others accomplish. Like what you see? Let’s talk.

 

It’s because of this journey of being a geek to becoming a manager that this site exists.