Solving hard infrastructure problems

From DevSummit
Jump to navigation Jump to search

added by isaac 21-Nov (subject to error) most common issues:

  • email
  • site compromise
  • HA (high availability) / SPOF (single point of failure)
  • right-sizing
  • interoperability
  • incongruent tech stacks
  • excessive vertical integration
  • monocultures
  • lack of specializiation
  • "goldilocks" moments
  • single sign-on
  • lack of peer review / bumper kicking
  • migration costs
  • disaster recovery
  • DDoS (distributed denial of service attacks)
  • compliance (privacy law, regulations)

who are the decision makers and how do they set priority?

how do tech folx get rest of org to take security seriously (instilling fear?)

how to deal with scope creep!

how OSS folx can stop offering too broad of a solution

coordination and collective solutions

translating convoluted policy for comprehension

Marketing solutions to people: communicate value add for users/clients

user training: hands-on to build muscle memory (security table top exercises)


co-op shared services across orgs

development communications (tied to marketing)

OFF-BOARDING (reducing security risk from unused accounts/services)

minimal tools enabled for deployment (determine core requirements and expand from there)

invest in labor pipelining


hostintg providers do one thing and do it well

prioritize automated observability

? is there a public doc that gives NGO sysadmins basic resources?

? how do solo tech leads get help? [other than searching forums, etc.?]

  • civicrm mattermost chat?
  • join live tech communities
  • ? infrared network?