Solving hard infrastructure problems
added by isaac 21-Nov (subject to error)
most common issues:
- site compromise
- HA (high availability) / SPOF (single point of failure)
- right-sizing
- interoperability
- incongruent tech stacks
- excessive vertical integration
- monocultures
- lack of specialization
- "goldilocks" moments
- single sign-on
- lack of peer review / bumper kicking
- migration costs
- disaster recovery
- DDoS (distributed denial of service attacks)
- compliance (privacy law, regulations)
who are the decision makers and how do they set priority?
how do tech folx get rest of org to take security seriously (instilling fear?)
how to deal with scope creep!
how OSS folx can stop offering too broad of a solution
coordination and collective solutions
translating convoluted policy for comprehension
Marketing solutions to people: communicate value add for users/clients
user training: hands-on to build muscle memory (security table top exercises)
hybridization
co-op shared services across orgs
development communications (tied to marketing)
OFF-BOARDING (reducing security risk from unused accounts/services)
minimal tools enabled for deployment (determine core requirements and expand from there)
invest in labor pipelining
GOOD STANDARDS
hosting providers do one thing and do it well
prioritize automated observability
? is there a public doc that gives NGO sysadmins basic resources?
? how do solo tech leads get help? [other than searching forums, etc.?]
- civicrm mattermost chat?
- join live tech communities
- ? infrared network?