8-minute read
Learning is one of our core values at Simply Business. So the technology team was excited to invite experts in their field to inspire our software engineers to learn about the challenging aspects of Agile software development, domain-driven design and application security, at its third internal tech conference in 2021.
Our internal SB Tech Conference provides an invaluable opportunity for our 120+ strong software engineering team to come together to deepen their knowledge, share experiences and be inspired by technology experts. Run by engineers for engineers, in collaboration with our Training and Conferences community of practice, the SB Tech Conference came about as a way of levelling the playing field for everyone in our technology department to be able to attend technology events.
"Although our teams regularly attend external conferences, we realised that often only a handful of people were able to attend. We wanted to open up specialist technical learning to everyone in Simply Business tech, instead of relying on those attending external events to share that knowledge with their colleagues. By organising our own internal tech conference, we've been able to give everyone in tech the opportunity to deepen their knowledge, share their technical challenges and network with specialist speakers".
Emily Harris, TechOps Lead, Training and Conferences community of practice
The Simply Business Tech Conference 2021 was a big hit with our UK and US technologists. This year's conference organisers (TechOps team Emily Harris and Emma Hurndell, Senior Cyber Security Analyst Laura Blackwell and Staff Engineer Hemal Varambhia) lined up keynote speakers to talk to us about:
Here's a roundup of some of the takeaways from the conference talks.
Tim MacKinnon, Agile Consultant and technologist, talked to our engineers at Simply Business about what's changed in Agile over the last 20 years.
Practices such as pair programming, testing, retrospectives and continuous builds have been around for decades. But are these practices an Agile fairy tale? It sounds simple, but Agile is not magic. Software development is hard. It's not just about managing changing requirements and working with the business, it's also about humanity and teams, and understanding that people make mistakes.
In software engineering there is often a focus on the negative; software engineers don't talk enough about successes. The key is to take baby steps and take responsibility for what you're doing. Practices such as Agile and XP are all inter-related; they're about striving for more rather than dropping the bar so that everyone can jump it.
In his talk, Tim emphasised the importance of sharing a common vision for architecture. We may think we're talking about the same thing but in reality we may not be, so it's important to look down the road and understand how that road will change. It's important to share a North Star vision for a project. Drawing sketches and having visual metaphors, storyboards and visual artifacts go a long way in getting joined-up thinking.
Simplicity can often be undervalued in tech. Domain-driven design advocates creating an ubiquitous language and simple design - doing the simplest thing that could possibly work. Tim reminded us that CRC cards are an underused art that can help teams understand the entities in a system and how they communicate with each other. Acting out the system using CRC cards can help to simplify solutions.
Tim stressed that all practices are important and to focus on how to do something better or in a different way rather than throwing it out.
Some of these practices might include:
Concluding, Agile still delivers in 2021. Balancing business and technical decisions, managing risk, using people-oriented processes and most of all making things human is important. It's thinking about how to hit a ball down a golf course, then dreaming about where you're going and creating a positive core.
It's not uncommon for software engineers to favour working on new code rather than legacy apps. Julie Lerman, a keynote speaker in domain-driven design, architecture and evolving legacy code, took Simply Business engineers through some ways to put this into perspective and how to devise a strategy for the future.
Programming Entity Framework by Julie Lerman.
From her experience in speaking at international conferences, Julie raised an interesting point that it's normal for many engineers to be working on code that's ten or more years old, but that legacy code exists because it's still important to the business.
Many industries are still being run on very old software that still works, so it's not easy for companies to think of getting rid of it or taking up the investment to replace it. There's also the risk that replacing the legacy system will break something.
So how can companies who want to move away from legacy software approach the transition to a new system?
When tackling software complexity, applying the principles of domain-driven design provides a strategy for breaking big complex problems into smaller ones. It's important to understand the domain and its behaviours through deep engagement with domain experts to learn about the business. Julie advised that there is no need to be an expert in all aspects of domain-driven design straight away:
To help identify bounded contexts, event storming is a useful brainstorming technique. Start by writing down what you know about the system, then order and group them. Identify the events that are transitional - these can identify new boundaries and bounded contexts.
Julie concluded that the key to working with legacy code is to honour it, improve it and then transform it.
The closing talk at the SB Tech Conference was on application security by Scott Helme, a security researcher and an international speaker who delivers training on hacking and encryption for software professionals.
Scott Helme is the founder of Report URI and Security Headers.
Scott shared his wealth of security expertise with Simply Business engineers and gave some tips on navigating the numerous security tools available. He explained the need to shift security left and train developers, so that security is not a tick box at the end of the development pipeline.
Scott spoke with us about some of his earlier security research such as the EE Brightbox router vulnerability he discovered - both part 1 and part 2 - and the struggles he has had reporting security vulnerabilities to organisations in the past.
These are some of the tools that were top of the list for website security testing:
testssl.h
(https://testssl.sh) runs against internal endpoints and gives a score for encryption.Tooling can go a long way towards narrowing down issues further down the line, but Scott was keen to point out that there is always a need for pen testing by someone with the skills to be able to break the system.
This was our third internal tech conference in recent years. Now that our tech team has expanded in different geographies, we held the conference sessions over Zoom on two consecutive afternoons, so that teams in different countries and time zones would be able to attend.
Running an internal tech conference takes some preparation. If you're thinking of organising your own internal tech conference, here are some things we've learned along the way:
As the conference date approaches, all that remains is ensure it runs smoothly:
We hope this inspires you to run your own tech conference!
Want to know more about what it's like to work in tech at Simply Business? Read about our approach to tech, then check out our current vacancies.
Find out moreWe create this content for general information purposes and it should not be taken as advice. Always take professional advice. Read our full disclaimer
Keep up to date with Simply Business. Subscribe to our monthly newsletter and follow us on social media.
Subscribe to our newsletter6th Floor99 Gresham StreetLondonEC2V 7NG
Northampton 900900 Pavilion DriveNorthamptonNN4 7RG
© Copyright 2024 Simply Business. All Rights Reserved. Simply Business is a trading name of Xbridge Limited which is authorised and regulated by the Financial Conduct Authority (Financial Services Registration No: 313348). Xbridge Limited (No: 3967717) has its registered office at 6th Floor, 99 Gresham Street, London, EC2V 7NG.