Reading List: 20th February 2016

For my reading list this week I take a look at the topic of #noprojects, something that keeps on cropping up in my reading; how to make microservices work in the real world; Docker, Mesos and Marathon; Cybersecurity themes for the next three years; how to source security superheroes and finally the top 10 ways to spot truly exceptional employees.

As usual, please leave me a comment below if you have any thoughts!

#noprojects — Outcomes: The Value of Change

I’ve shared quite a few articles now on the #noprojects movement. It’s still something I’m working on fixing in my current role, but this article covers a number of considerations that will help to appease most people by focussing on outcomes. The main people I’ve yet to convince are the finance teams — any advice, please leave a comment below!

Microservices in the Real World

I personally work on a system undergoing an architectural change from a large monolith into a more distributed microservice architecture. This article covers a new approach called Self Contained Systems that looks at breaking down monoliths into bounded contexts. This approach definitely addresses some of the issues dealing with going for large to small.

Docker, Mesos, Marathon and the End of Pets

Our team have been investigating PaaS based solutions for a while, but have found most solutions to be very heavyweight requiring a large up-front cost in order to even carry out a PoC (generally in spinning up extra VMs). We’re currently investigating moving towards a Mesos and Marathon based solution combined with moving our application parts into Docker containers. This article takes a practical look at how you go about setting this up. Pets, for those unaware of the term, refers to specialist servers that you need to know the name of, as opposed to cattle, general purpose, readily disposed servers. Thanks to Angus, our DevOps lead for pointing this out.

CyberSecurity Themes 2016–2019

A look forward at a number of key cybersecurity themes for the next 3 years. All of these look interesting, but I’m particularly drawn to “Cybersecurity effectiveness will be measured by risk reduction and not technology deployment”, this will hopefully move further away from the tick box security mentality. I’m also personally interested in “Your phone will become more important than your password” as this has already started happening in my personal world with two-factor authentication.

6 Million Password Attacks in 16 hours and How to Block Them

A look at password attacks from security company Wordfence. Some really interesting findings around where these attacks came from and how to protect your site from them.

Sourcing Security Superheroes: Part II: How Policy Can Enhance, Rather Than Hinder, Breach Detection

A further look at how to enhance the security of products by following a proactive risk reduction methodology rather than just box ticking. Some very interesting ideas on how to source good staff and the traits that should encourage in them.

10 Ways to Spot a Truly Exceptional Employee

Forbes takes a look at 10 personality traits of exceptional employees. It also summarises that it never mentioned technical skills, coding etc — as these are rarely what make a truly exceptional employee. A lesson for us all!