Detailed Notes
Season 23 of the Building Better Developers podcast kicks off with a focus on building better habits. The first episode covers a critical topic for developers and tech enthusiasts: security awareness. Hosted by Rob Broadhead and Michael Meloche, the episode stresses the need for vigilance. In today’s rapidly evolving digital world, staying aware is more important than ever.
A Shift Toward Actionable Advice
The hosts emphasize that this season will be more actionable than ever. Unlike the last season that focused on the developer journey, Season 23 targets building better habits. These habits promote more effective and responsible development practices. Each episode will cover specific skills, tools, or behaviors. Developers will learn how to integrate these into their daily routines. Security awareness, the focus of this episode, is a vital habit. It directly impacts both personal and professional data security.
Action Item: schedule at least 30 minutes to explore security awareness. Use a search engine to find security awareness tools or vendors, many of which offer free content or trial periods. This will help you stay updated on the latest scams and security threats.
Read more... https://develpreneur.com/security-awareness-protect-your-code-your-career-and-your-future/
We invite you to join our community and share your coding journey with us. Whether you’re a seasoned developer or just starting, there’s always room to learn and grow together. Contact us at [email protected] with your questions, feedback, or suggestions for future episodes. Together, let’s continue exploring the exciting world of software development.
Additional Resources
* Cybersecurity Best Practices (https://develpreneur.com/cybersecurity-best-practices/)
* Improve Security Awareness – Interview With Tyler Ward (https://develpreneur.com/improve-security-awareness-interview-with-tyler-ward/)
* Organization Security Tips and Tricks (https://develpreneur.com/organization-security-tips-and-tricks/)
* Security Assessments – Find Your Vulnerabilities (https://develpreneur.com/security-assessments-find-your-vulnerabilities/)
Follow-us on:
* https://develpreneur.com/ * https://www.youtube.com/channel/UCZOuFN_LhczvGyT2KSItH_g/featured * https://facebook.com/Develpreneur * https://twitter.com/develpreneur * http://linkedin.com/develpreneur
Transcript Text
[Music] welcome back we have a effectively hit record again and we are starting a new season this is season 23 wow that's just I remember when we were at episode 23 and it was like wow we're gonna get to 25 with this sucker and now we're just like cranking along this season we decided quite a while back as we've noted uh throughout and you guys even got some bonus material along the way is we want to do building better developers we want to focus on things that can help you things that are like some ways to become a better developer and I think we're going to our goal is going to be with each episode we're going to try to get something that's uh some sort of action item or something like that I don't know what we're going to do with this one I think probably I'm going to come up with something that's going to be like a sort of a quicker shorter one but moving forward I think that's almost going to be I think we can almost have like a templ type a format of basically saying hey here's the the skill or whatever that we're going to look at the focus that we want to have for this episode talk about it a little bit talk about maybe like how we we work with that skill maybe some tools that we found related to it and then be some sort of a challenge that I think honestly I think most of these we want to challenge ourselves as well because it may even be something even if it's something that we're doing is just to make sure that we continue doing that for the next you know whatever it is seven or 10 days and I think that's probably what we you I think would make the most sense is to pick maybe like for the next seven days just like maybe that's that's each time we're going to come out of it is we're going to say hey for the next seven days give this a shot assuming that it may you know it's a daily thing and I think we can we can probably make that happen and it it may be stuff that's a little bit different because I'm thinking of things as like I'm looking over here as like getting things done the GTD approach to stuff and sort of like you know looking at some of those things we may so there may be some of these uh theories and philosophies and stuff like that that we're not going to totally embrace but I think it's stuff that we should go back to each of us like I think of you know your favorite word because you never can get it right but the Pomodoro Technique is maybe go back and say okay for a week let's you know for your work week let's do some pomodoros go out there and do you know use that approach and see how that works even if you've done it before because we have um you know step back into it for a little bit and see how that goes and and we would love to get feedback on this kind of stuff as well because I think there's going to be some of these things we're going to be like huh I don't know if that's going to work or not not and it'll be interesting to see if it maybe it works for us and not you or vice versa or you know your per you do but your buddy doesn't or whatever it is however that works so I think we'll just kick it off and I'll just Vamp and rant because that's what I do best and we'll talk about going into this season you well I think you touched on what the season should be let's just call it getting things done no because we do getting things because it's actually like that that's like a it's probably almost trademark so if you do getting done and the GTD and that is like I don't want to like step on that because it's really not it's really more than that action items or no it's like I think it really is it's like it's building better developers but it's um you know we did the journey last time the developer journey and this is maybe um we did behind the scenes before that which was basically building better developers was maybe this is building better habits maybe that's the season I like that is that we can I think then we can sort of steal our own name and we can sort of focus on that for a while and then we'll see where it goes because we have a season 24 somewhere up there too we got to figure out what our next season's going to be but we let's tackle it one season at a time all right so building better habit that sounds like yeah and we can bring that up all right well hello and welcome back welome welcome to season 23 of the building better developers podcast also known as developing actually it was developer first but I digress I'm not going to digress by saying I am Rob Broadhead I one of the founders and one of the hosts of the show obviously I guess one of the hosts that's probably like needlessly needless to say and also a founder of RB Consulting where we don't do podcasts we actually I guess we do blogs we do newsletter and stuff like that but you're not going to see my pretty face unless you're a customer and usually you don't want to because that means that you've already run into a situation where you've got technology issues your stuff got out of hand you don't know what you've got you don't know where you're going you may question the team that you've got right now those kinds of things that are technology paining points that is what happens when you have technology sprawl whether you know you're just as we talked about last season you're not getting your documentation together you really don't know what you have we come in help you out we can assess stuff we do and we find a way to make it easier for you through simplification Automation and integration is like take that big mess of stuff clean it all up make it work together polish everything up give you some documentation and a sort of a map of like you are here and let's talk about where you want to go so that's that's ARB Consulting that's what we do reach out anytime good thing bad thing moving my moving on through this so I'm g go with a go with like the family kind of stuff is that we have got uh I've got a I I I get confused on I guess it would be a niece in-law uh that has got a 21st birthday that just had that and is now coming into Nashville area for several days to go enjoy that and so it's like it is a full several days wife's been around doing a bunch of stuff with her we're going to have do some things with them today we're going to do some things tomorrow this is Saturday we're going to do you know fill our weekend we're going to have a big basically monthly family gathering of everybody getting together hanging out eating food stuff like that so that's a good thing is it's just enjoying life bad thing is this goes back to like incremental and momentum and you know keeping up with stuff is I looked the other day and I was like I am due for an oil change but I've got too much stuff going on so I'm like I have got to find time and with all this family stuff to go get an oil change so you know first world problems may maybe but on the other side somebody does not have first word word gosh I can't even speak today Michael introduce yourself hey everyone my name is Michael MOS I'm one of the co-founders of develop preneur and founder of Envision QA where we help companies unlock their software potential through a comprehensive software quality insurance review and test Services you know you can discover how all the areas of your software development teams from sales to QA can enhance customer satisfaction and improve software quality right from the initial conversation with your users so don't neglect testing good and bad uh good thing this week um Mo moving on with uh current customer making some progress completed another big milestone and we're getting ready for the next phase of work so that was a huge lift and ready to get the next part going uh bad um not too much bad only bad is daughter unfortunately got her flu and Co shot at the same time and was out so had to help her a little bit yesterday we as I mentioned are starting the new season the season 23 and this season is going to be our folks going to be building better habits we are going to talk about we talked about the developer Journey last season and some of the things that you need to do along the way we're going to get more uh actionable this season we're going to talk talk about things in a way we're going to have a topic we're going to look at you know maybe it's a skill set or a tool or something like that and how do we build these into our life how do we utilize these to become better developers so we're going to talk about a lot of different skills and we're probably going to touch on some areas uh potentially touch on some areas I think that you they're going to be new to you where you're going to be like ah yeah I probably should know more about that I should spend more time on it as an example because I think that's a great way to start start the season as we're we're looking at what we've got ahead I think we want to talk about security awareness because this is something that actually can affect anybody it's amazing how often that some of these uh these fishing scams and things like that are successful particularly when you get into social engineering stuff and how prevalent they are it's a if you if you've got a little bit of an eye for it you know looking for it it's amazing how much that stuff is out there so it's it's really easy to you know you could trip and stumble and next thing you know it's like boom you've you know had some sort of a hack or something like that so and particularly us because we are technical people in general I think a lot of us feel like ah I got it figured out I know how to like see where that email address is coming from or something like that so I know but we can still have those moments so I think one of the things this will be I think we'll use this as our example to start off and instead of doing like we're normally going to do a 7-Day challenge I think this is something to because it's not a daily thing maybe as much is put it on your calendar for like say seven months or I would say for the next year is go just like yeah right now you can action an item put it on your calendar somewhere pick a little bit of time probably I would say at least a half an hour to just explore security awareness and the way you you can do this is go use your favorite search engine and look for security awareness uh tools or vendors and most of them have some sort of free content available sometimes they've got stuff that's just you know it's always available they've got some Evergreen stuff and things like that a lot of them will run uh specials they may have a little trial period or something like that so you can check out a few things and they do for most part they tend to update those regularly with some of the late things and scams that are out there I think that is a great thing to do for all of us on a regular basis uh it's one of those I've looked at these I've I've gone back to security awareness vendors on multiple times over the years talked to a lot of customers about them have not implemented a plan yet at RB but that is one of the things that I think is you that is is definitely on my uh my road map of things to do is once we grow a little bit more is we will probably have a you know security awareness program that we hit on on a regular basis because even as a you know somebody that is is I would say I'm not a security guy but I am fairly aware of those things because I do go back to these on a regular basis I hear a lot of horror stories from customers and and even people I meet in the street um so I I sort of keep up with it but still it seems like every time I go back through you know one of those kinds of awareness programs or I look at stuff there's something new out there and it's not something necessarily that's bit me it's maybe something that's not uh even you know on my radar or something like that but it's kind it's the the scope the audacity some of the things that are out there is amazing and it is informative if not for you I think it's something so that you have that on your radar so that when you're talking to family members and co-workers and things like that is to just sort of like drop those little nuggets occasionally and say hey by the way you know you may want to double check that cuz there's a scam going around that is that and you know check and you'll see it a lot on social sites whether it's your you know your Facebooks or one of those kinds of things where you'll see people talking about hey is this a scam and it's actually it's a great way to check on stuff is like hey I got this is this a scam and if it's not great but you can get stuff that looks very scammy I actually got something as an example before I I throw it over to you Mike I want to get an examp example is I got a bill there was a tax bill that from the state that they hadn't sent me they had sent me but they' sent it to an address that I hadn't lived at in like 20 years and they had sent this like once a year for I don't know for for 10 years it was like it was insane how long they' done it and they never reached out to me they finally decided that after all these years and this that 10 years ago or they whatever it was when they did it the place they were sending it to I hadn't lived in 10 years before that so I don't know why they even had that address I don't know why they weren't sending stuff and then suddenly were but they never reached out by phone they never reached out by email until after a decade and they said oh by the way you've got like all of this stuff all these like back uh filings that you need to do and it wasn't a big deal it was like I don't know 100 bucks of filing or something like that it wasn't huge but there was a bunch of them and the funny thing was they didn't have the they didn't have the ability for me to even submit all of those they were like you got 10 of these and we're going to find it I'm like wait a minute you ever notified me and we walk through all this stuff the key to this though was I got an email out of the blue that was just like hey this is what we are and and so I was looking all I researched the heck out of thing I was like is this a scam I finally went and looked I looked at the phone number and it was like oh hey this is a valid like phone number for a department that makes sense I looked at the email address and I was like okay the email address that it says looks good everything seems like legit so I actually sent them an email and said hey or maybe I left on voicemail can't remember which one but I was like hey I think there's a scam going on that's related they're using your information because I have no relation to any of this and it looks like it's a scam and ended up going back through stuff and talking to him and found out oh no it actually is legitimate and I had to go through like eight different channels because I didn't want to be you know something where I say hey you're scamming me and the scammer says no I'm not this is legit so it's one of those things where you know you you want to be aware and sometimes you will be you will overdo it like I did maybe but it's better to overdo it than underdo it and get bit by it so what are your thoughts on actually I guess let's first because I've taken up all the oxygen in the room I like you go ahead and like your thoughts on the season ahead and then maybe your experiences and some thoughts on security awareness yeah so the building better habits I think is going to be a great task for us and our listeners to really better themselves I likeed your pivot that we start out with security in part because really near and dear to my heart um a family member actually got scammed and lost a lot of money um through a social engineering um hack so to speak and it really I I guess the Hokey movie that I could related to is if you watch the movie beekeeper that happened to my family member something similar to that where uh they got some spyware on their computer their machine locked up they basically ran somewhere and they took over and they she called and it it just was bad with the idea of reviewing your security profiles you know what's out there you know what kind of security hack scams are out there the other thing I would kind of add in with your task or your challenge there Rob is to also review all of your online accounts make a list of all your user IDs all your passwords put those in something secure like key pass password one Whatever add that to your list now that's not something you want to do once a year you probably want to do it every 60 days 90 days maybe go through and review an update your passwords also be careful not to use the same password for multiple financial institutions uh if you get hacked at one or they get hacked they potentially could then get into all your other financial institutions and you know drain your accounts you don't want that the other task with that I would recommend is keep as you're doing this review like Rob suggested make sure you use your tools most browsers nowadays will tell you if you've saved your password hey your password has shown up on X andx hack um or your email has go change those passwords don't ignore those go out to those sites legitimately go to those sites don't click emails don't go through website go to the email or go to the actual site like if it's Facebook go to facebook.com don't click the link in the email go to the dedicated sites you will find nine out of 10 times email communication or text of some sort saying that your account has been compromised is probably social engineering or a hacker trying to get your information when in doubt go straight to the source make your changes there or contact the institution that's reaching out to you like Rob said he went through and did the research anything governmental they will not call you they will send you a letter then call go online or call your local uh government office and ask them who to talk to don't go through the communication go through them and nine out of 10 times uh you will find that it's either valid or it's a scam but that's the quickest way to kind of rule out any third party mediators go straight to the source go ahead BR sorry oh nothing go ahead you look like you still you were on a roll I I did not want to get in the way of your momentum um so the other thing too and I've noticed this like you rob more and more is you know not just mail email but I've started getting more and more calls and texts from random sources which is strange now if you have an iPhone you can actually block a lot of this uh I think Android Samsung's getting better at that uh they've added some new security tools look at your devices you know if you have an uh like an iPad an iPhone Apple there's so many security things you can turn on that are built into the device to protect you as a consumer turn those on yes they may become com an annoyance at the beginning but once you realize the value do it Microsoft especially there are so many viruses targeting PCS make sure that you are protected you know get those antivirus softwares get those uh spy blockers uh you know put those tools on your computers you know that is a part of this security review that we're talking about make sure that you protect your machines and your data you do not want to be one of those people that are victimized by a ransom hack or Ransom attack where you can't get to your information and they're holding you hostage especially if you're a big organization or building or uh company what are your thoughts on that Rob I I agree um I think those are it's this is part of the the habits uh I do want to point out that you know this is typical of a of the professorial background that Michael has is that we say here's your homework and then he adds three other homeworks on top of it and I I may or may not be anti- Academia we will leave that just a let the let the jury decide that let the public decide but those are all very key things I think in particular and this is why we do this this is why building better habits is one of the things we're going to talk talk about and this is why I mentioned let's go ahead and start with security awareness and do this on a regular basis because the things that Michael just listed out are the things that you're going to see probably in every single security awareness program they're going to talk about things like password complexity don't use password or one two three or your dog's name or something super simple like that use something use complex stuff there are tools to generate insane random passwords utilize those things utilize multiactor authentication where you can it's not going to it's not the be all and end all but boy it will help a lot and it is very easy to to put that into almost anything that you're dealing with especially if you're building something go ahead and utilize that if you if you're tired of doing things and you're like I've got too many things that I've got to connect to then work on like you know learn about single sign on and some of those kinds of things those steps are all very useful steps to protect yourself and your your data your company your family there's a lot of these things that's just it again goes to let's build better habits let's have these things on you know in our mind on a regular enough basis that we can take some of these and we can build on those habits and say oh yeah I need to look into this regularly for example if I'm going to do a monthly security awareness catchup part of that may be I'm going to go look back through and see is there some passwords I need to change or there you know there's some sites that I need to close down or you know to end my subscription am I getting too many stinking emails from somebody yeah those kinds of things I think are going to be very valuable to you moving forward which are why we want to do this uh this whole season really is to say there are these things that we way too often I think we sort of feel it's like a it's a oneandone or you know maybe a one or two off and you just sort of do it and it's like okay I'm I'm done with it I've like I've learned that or I've I I can check it off my box but there's a lot of these things that we actually do want to revisit on a regular basis because things change because we want to stay current with whatever that topic is your thoughts yeah and the other thing as you're working on building these habits you know keep track of them you know go spin up a notepad or spin up a Wiki and start keeping track of these things keep a journal as we mentioned in the p as you build these habits write them down keep track of them as we go through the season and a final thought on security awareness is also if you're a business look in your industry because there might be some additional governmental security things you need to be aware of as well so as a I guess we've given you an action I I want to give you a little bit of tools I did talk about just go out and do a query on like security awareness programs so I'm going to give you two things here one this is even bonus mat everybody gets this one I've in the past uh and I've recently it's probably been a year or two I think the last time I updated this is I've done some some research into the the essay the security awareness world for some of my customers and I have been able to as part of that in some of the conversations it's probably going to be a little dated but I was able to get things like pricing information and some comparisons like what do they provide what don't they provide what and there is a when you get into this world there is a lot of stuff that they may or may not provide because some of them also have like learning management systems as part of it and things like that so that you can as an organization build your own content into this program they've got some of them gamify it some of them have some sort of a you know it's more of a uh like checking off a list and making sure that you do regularly like you know review the material or watch the video or what whatever it happens to be shoot us an email at info develop order.com and say hey I would like to see your you know that security awareness program summary or overview uh you can take it with the grain of salt because it may or it may or may not fit your organization but I will be glad to you know put that together and send that out to you a couple of names to just go with if you if it's too hard to search first uh something the the companies that stick out in the in the past is uh nobe KN W uh the be and then the number four they do it and they have a pretty uh they had a pretty good they were like pretty good pricewise I think they they tended to be on the lower the lower cost and had a you know a pretty solid just security awareness program mcast was one that had a lot of good features to it was one that I remember being a I think it was actually a winner for the the one customer that I was working with and infosec is another one that they send stuff out a regular basis and I and I think the infos sec I I'm pretty sure always does every year there's a it's security awareness in October and I think there's another month that they send out just sort of like a free hey we just want to make people more aware kind of packet so you can get on their email list uh Noble before I think does that as well and I'm trying to remember uh there was another one that disappeared I think now it used it was like uh I don't see them as I'm looking at a search it was like security ninja or something like that I wish I could remember what that was wa what I'm going to do a quick check there ninja what was it uh it may ninja iio there we go n i n j IO um and there's was like just some really fun videos it was really good stuff around uh security awareness and it was again it was a little more expensive but it was I think they were the ones that they had it was like it felt like a Saturday Night Live uh skit was a lot of their you security and stuff like that uh or I'm sorry no theirs are are more there animated but it's usually you know 3 or four minutes of a good little you know cartoon basically that walks you through some of those programs so that's some bonus material for you there's some there's great places out there so that's your uh your homework as we come into this season is let's start off with go spend a little bit of time and you know get more aware on security Awareness stuff is understand what's out there take a look at a couple of the sites you know throw it throw like a you know a Spam friendly email address for you're just like hey I just want to get download some of their packets cuz you can there's going to be some information there that's free there are also as you do the searches you're going to find I think there's a couple of sites that have free material they provide as well so you may just want to dig into into that that being said it is time for us to wrap this one up not the season we just did that this one we're just wrapping up episode one of season 23 where we're going to be building better habits so I'm really looking forward to this actually since Michael threw this out I know months ago it's like hey how about this I've glommed on to it and said I'm really looking forward to this season I think it's going to be a really fun one and it's going to be very useful for us so as always shoot me an email info developer.com check us out at developer.com and go ahead and fill out our contact us form we're out on X you can go at develop anur if you want to see sort of what's going on there uh you can go catch us on wherever you get podcasts you can subscribe to the podcast wherever you get YouTube which is YouTube you can go to YouTube develop andur and you can go check out the developer Channel where you can watch these things and also all of our prior material and and future stuff because at some point we'll be getting back we we do occasionally put some like tutorials and things like that out there as well that being said we're going to wrap this one up talk to you next time around so go out there and have yourself a great day a great week and we will talk to you next time bonus material so so technical bonus material for the developer side of things we have covered uh arani I think I people complain I say it wrong uh I have some videos out there for this uh software tool that you can put up that will analyze your software find some bugs uh infos was a very good one that you mentioned earlier and for those of you uh that deal with thirdparty dependencies oas.org ow W ASP I never say that right yeah o o WP is a great free Tool uh that you can actually plug into a lot of your software development and it will you can add it to your continuous integration so as you do your builds it'll analyze your dependencies and if any dependencies have uh like a higher uh flag of vulnerability you get flagged and then you can go uh update your dependencies or figure out how to fix the problem I think I gave away enough of my bonus material because this was that is a bonus I the uh the little RFP kind of thing I did it's a couple of pages I talked through sort of the highs and lows the pros and cons of several of the the programs are out there there are some new ones that you know there a couple more that have popped up uh but I think it's something that and I actually go back this is one of those things I go back and review this material every so often because I do every so often say maybe I should go ahead and launch a you know connect to one of the and Implement a program in my organization uh I've also thought which is something I'll throw this is my bonus material I'll throw at you is if this is something that appeals to you and you're doing some sort of Hi Side hustle or something like that it may be that that could be part of what you offer your customers is that you say if you've got a program set up in a certain way you could say hey one of the things that we do because we we want you guys to be more aware this is something we're pushing is that every customer gets maybe uh an email address that gets that is a part of your security awareness program depending on how these things are set up things like that because you know it's a bonus there that you can it's a little value ad you can give you can probably offset whatever that cost would be for that you know those that email or those couple of emails uh with the work that you're doing for them uh and there's also take a look there are some of those security awareness programs that part of the deal is is they bring in all their users they also want to make sure that there's enough uh there's bandwidth in there so that the users can actually share links to family members as well so that you can you again it goes back to making more people aware so I think we'll go with that for the the bonus material I have no idea what we're going to step into next episode but uh we will figure it out between now and then and we will just get right into the building better habits because I think there there's a lot of things that I think I've that I have in the back of my head that we can we can offer I think Michael's got some ideas as well so between the two of us we're going to be you know cranking on this for the next you know quarter or so or more and we'll see how it goes and granted and I do want to go ahead and throw out there as I guess bonus material is that we are coming up on the holiday season it's uh beginning October right now and we will uh do the because I I got to use my turkey gobble for Thanksgiving and I got to use my sleigh bells music for Christmas is we will have like we will have the Thanksgiving week specials and we have Christmas week specials and probably New Year's as well so we'll sort of get you know pause the season a little bit for those and then dive rank back into them so we'll be mixing up a little bit as we go into this season and have a couple of those uh you know those special episodes that we've you we've done now for many many years that being said I think we're good to wrap this one up so uh we'll just catch you guys next time check back in here we will be right back as far as you know or two days from now or four days now whatever falls into schedule some point come back we'll be into the next season go have yourself a good one [Music]
Transcript Segments
[Music]
welcome back we have a effectively hit
record again and we are starting a new
season this is season
23 wow that's just I remember when we
were at episode 23 and it was like wow
we're gonna get to 25 with this sucker
and now we're just like cranking along
this season we decided quite a while
back as we've noted uh throughout and
you guys even got some bonus material
along the way is we want to do building
better developers we want to focus on
things that can help you things that are
like some ways to become a better
developer and I think we're going to our
goal is going to be with each episode
we're going to try to get something
that's uh some sort of action item or
something like that I don't know what
we're going to do with this one I think
probably I'm going to come up with
something that's going to be like a sort
of a quicker shorter one but moving
forward I think that's almost going to
be I think we can almost have like a
templ type a format of basically saying
hey here's the the skill or whatever
that we're going to look at the focus
that we want to have for this episode
talk about it a little bit talk about
maybe like how we we work with that
skill maybe some tools that we found
related to it and then be some sort of a
challenge that I think honestly I think
most of these we want to challenge
ourselves as well because it may even be
something even if it's something that
we're doing is just to make sure that we
continue doing that for the next you
know whatever it is seven or 10 days and
I think that's probably what we you I
think would make the most sense is to
pick maybe like for the next seven days
just like maybe that's that's each time
we're going to come out of it is we're
going to say hey for the next seven days
give this a shot assuming that it may
you know it's a daily thing and I think
we can we can probably make that happen
and it it may be stuff that's a little
bit different because I'm thinking of
things as like I'm looking over here as
like getting things done the GTD
approach to stuff and sort of like you
know looking at some of those things we
may so there may be some of
these uh theories and philosophies and
stuff like that that we're not going to
totally embrace but I think it's stuff
that we should go back to each of us
like I think of you know your favorite
word because you never can get it right
but the Pomodoro Technique is maybe go
back and say okay for a week let's you
know for your work week let's do some
pomodoros go out there and do you know
use that approach and see how that works
even if you've done it before because we
have um you know step back into it for a
little bit and see how that goes and and
we would love to get feedback on this
kind of stuff as well because I think
there's going to be some of these things
we're going to be like huh I don't know
if that's going to work or not not and
it'll be interesting to see if it maybe
it works for us and not you or vice
versa or you know your per you do but
your buddy doesn't or whatever it is
however that works so I think we'll just
kick it off and I'll just Vamp and rant
because that's what I do best and we'll
talk about going into this
season you well I think you touched on
what the season should be let's just
call it getting things
done no because we do getting things
because it's actually like
that that's like a it's probably almost
trademark so if you do getting done and
the GTD and that is like I don't want to
like step on that because it's really
not it's really more than that action
items
or no it's like I think it really is
it's like it's building better
developers but it's um you know we did
the journey last time the developer
journey and this is maybe
um we did behind the scenes before that
which was basically building better
developers was maybe this is building
better habits maybe that's the season I
like that is that we can I think then we
can sort of steal our own name and we
can sort of focus on that for a while
and then we'll see where it goes because
we have a season 24 somewhere up there
too we got to figure out what our next
season's going to be but we let's tackle
it one season at a time all right so
building better habit that sounds like
yeah and we can bring that
up all right well hello and welcome back
welome welcome to season
23 of the building better developers
podcast also known as developing
actually it was developer first but I
digress I'm not going to digress by
saying I am Rob Broadhead I one of the
founders and one of the hosts of the
show obviously I guess one of the hosts
that's probably like
needlessly needless to say and also a
founder of RB
Consulting where we don't do podcasts we
actually I guess we do blogs we do
newsletter and stuff like that but
you're not going to see my pretty face
unless you're a customer and usually you
don't want to because that means that
you've already run into a situation
where you've got technology issues your
stuff got out of hand you don't know
what you've got you don't know where
you're going you may question the team
that you've got right now those kinds of
things that are technology paining
points that is what happens when you
have technology sprawl whether you know
you're just as we talked about last
season you're not getting your
documentation together you really don't
know what you have we come in help you
out we can assess stuff we do and we
find a way to make it easier for you
through simplification Automation and
integration is like take that big mess
of stuff clean it all up make it work
together polish everything up give you
some documentation and a sort of a map
of like you are here and let's talk
about where you want to go so that's
that's ARB Consulting that's what we do
reach out anytime good thing bad thing
moving my moving on through this so I'm
g go with a
go with like the family kind of stuff is
that we have got uh I've got
a I I I get confused on I guess it would
be a niece in-law uh that has got a 21st
birthday that just had that and is now
coming into Nashville area for several
days to go enjoy that and so it's like
it is a full several days wife's been
around doing a bunch of stuff with her
we're going to have do some things with
them today we're going to do some things
tomorrow this is Saturday we're going to
do you know fill our weekend we're going
to have a big
basically monthly family gathering of
everybody getting together hanging out
eating food stuff like that so that's a
good thing is it's just enjoying life
bad thing is this goes back to like
incremental and momentum and you know
keeping up with stuff is I looked the
other day and I was like I am due for an
oil change but I've got too much stuff
going on so I'm like I have got to find
time and with all this family stuff to
go get an oil change so you know first
world problems
may maybe but on the other side somebody
does not have first word word gosh I
can't even speak today Michael introduce
yourself hey everyone my name is Michael
MOS I'm one of the co-founders of
develop preneur and founder of Envision
QA where we help companies unlock their
software potential through a
comprehensive software quality insurance
review and test Services you know you
can discover how all the areas of your
software development teams from sales to
QA can enhance customer satisfaction and
improve software quality right from the
initial conversation with your users so
don't neglect testing good and bad uh
good thing this week um Mo moving on
with uh current customer making some
progress completed another big milestone
and we're getting ready for the next
phase of work so that was a huge lift
and ready to get the next part going uh
bad um not too much bad only bad is
daughter unfortunately got her flu and
Co shot at the same time and was out so
had to help her a little bit
yesterday we as I mentioned are starting
the new season the season 23 and this
season is going to be our folks going to
be building better habits we are going
to talk about we talked about the
developer Journey last season and some
of the things that you need to do along
the way we're going to get more uh
actionable this season we're going to
talk talk about things in a way we're
going to have a topic we're going to
look at you know maybe it's a skill set
or a tool or something like that and how
do we build these into our life how do
we utilize these to become better
developers so we're going to talk about
a lot of different skills and we're
probably going to touch on some areas uh
potentially touch on some areas I think
that you they're going to be new to you
where you're going to be like ah yeah I
probably should know more about that I
should spend more time on it as an
example because I think that's a great
way to start start the season as we're
we're looking at what we've got ahead I
think we want to talk about security
awareness because this is something that
actually can affect
anybody it's amazing how often that some
of these uh these fishing scams and
things like that are successful
particularly when you get into social
engineering stuff and how prevalent they
are it's a if you if you've got a little
bit of an eye for it you know looking
for it it's amazing how much that
stuff is out there so it's it's really
easy to you know you could trip and
stumble and next thing you know it's
like boom you've you know had some sort
of a hack or something like that so and
particularly us because we are technical
people in general I think a lot of us
feel like ah I got it figured out I know
how to like see where that email address
is coming from or something like that so
I know but we can still have those
moments so I think one of the things
this will be I think we'll use this as
our example to start off and instead of
doing like we're normally going to do a
7-Day challenge I think this is
something
to because it's not a daily thing maybe
as much is put it on your calendar for
like say seven months or I would say for
the next year is go just like yeah right
now you can action an item put it on
your calendar somewhere pick a little
bit of time probably I would say at
least a half an
hour to just explore security awareness
and the way you you can do this is go
use your favorite search engine and look
for security awareness uh tools or
vendors and most of them have some sort
of free content available sometimes
they've got stuff that's just you know
it's always available they've got some
Evergreen stuff and things like that a
lot of them will run uh specials they
may have a little trial period or
something like that so you can check out
a few things and they do for most part
they tend to update those regularly with
some of the late
things and scams that are out there I
think that is a great thing to do for
all of us on a regular basis uh it's one
of those I've looked at these I've I've
gone back to security awareness vendors
on multiple times over the years talked
to a lot of customers about them have
not implemented a plan yet at RB but
that is one of the things that I think
is you that is is definitely on my uh my
road map of things to do is once we grow
a little bit more is we will probably
have a you know security awareness
program that we hit on on a regular
basis because even as a you know
somebody that is is I would say I'm not
a security guy but I am fairly aware of
those things because I do go back to
these on a regular basis I hear a lot of
horror stories from customers and and
even people I meet in the
street um so I I sort of keep up with it
but still it seems like every time I go
back through you know one of those kinds
of awareness programs or I look at stuff
there's something new out there
and it's not something necessarily
that's bit me it's maybe something
that's not uh even you know on my radar
or something like that but it's kind
it's the the scope the audacity some of
the things that are out there is amazing
and it is informative if not for you I
think it's something so that you have
that on your radar so that when you're
talking to family members and co-workers
and things like that is to just sort of
like drop those little nuggets
occasionally and say hey by the way you
know you may want to double check that
cuz there's a scam going around that is
that and you know check and you'll see
it a lot on social sites whether it's
your you know your Facebooks or one of
those kinds of things where you'll see
people talking about hey is this a scam
and it's actually it's a great way to
check on stuff is like hey I got this is
this a scam and if it's not great but
you can get stuff that looks very scammy
I actually got something as an example
before I I throw it over to you Mike I
want to get an examp example is I got a
bill there was a tax bill that from the
state that they hadn't sent me they had
sent me but they' sent it to an address
that I hadn't lived at in like 20 years
and they had sent this like once a year
for I don't know for for 10 years it was
like it was insane how long they' done
it and they never reached out to me they
finally decided that after all these
years and this that 10 years ago or they
whatever it was when they did it the
place they were sending it to I hadn't
lived in 10 years before that so I don't
know why they even had that address I
don't know why they weren't sending
stuff and then suddenly were but they
never reached out by phone they never
reached out by email until after a
decade and they said oh by the way
you've got like all of this
stuff all these like back uh filings
that you need to do and it wasn't a big
deal it was like I don't know 100 bucks
of filing or something like that it
wasn't huge but there was a bunch of
them and the funny thing was they didn't
have the they didn't have the ability
for me to even submit all of those they
were like you got 10 of these and we're
going to find it I'm like wait a minute
you ever notified me and we walk through
all this stuff the key to this though
was I got an email out of the blue that
was just like hey this is what we are
and and so I was looking all I
researched the heck out of thing I was
like is this a scam I finally went and
looked I looked at the phone number and
it was like oh hey this is a valid like
phone number for a department that makes
sense I looked at the email address and
I was like okay the email address that
it says looks good everything seems like
legit so I actually sent them an email
and said hey or maybe I left on
voicemail can't remember which one but I
was like hey I think there's a scam
going on that's related they're using
your information because I have no
relation to any of this and it looks
like it's a scam and ended up going back
through stuff and talking to him and
found out oh no it actually is
legitimate and I had to go through like
eight different channels because I
didn't want to be you know something
where I say hey you're scamming me and
the scammer says no I'm not this is
legit so it's one of those things where
you know you you want to be aware and
sometimes you will be you will overdo it
like I did maybe but it's better to
overdo it than underdo it and get bit by
it so what are your thoughts on actually
I guess let's first because I've taken
up all the oxygen in the room I like you
go ahead and like your thoughts on the
season ahead and then maybe your
experiences and some thoughts on
security
awareness yeah so the building better
habits I think is going to be a
great task for us and our listeners to
really better themselves I likeed your
pivot that we start out with
security in part because really near and
dear to my heart um a family member
actually got scammed and lost a lot of
money um through a social engineering um
hack so to speak and it
really I I guess the Hokey movie that I
could related to is if you watch the
movie beekeeper that happened to my
family member something similar to that
where uh they got some spyware on their
computer their machine locked up they
basically ran somewhere and they took
over and they she called and it it just
was
bad with the idea of reviewing your
security profiles you know what's out
there you know what kind of security
hack scams are out there the other thing
I would kind of add in with your task or
your challenge there Rob is to also
review all of your online accounts make
a list of all your user IDs all your
passwords put those in something secure
like key pass password one Whatever add
that to your list now that's not
something you want to do once a year you
probably want to do it every 60 days 90
days maybe go through and review an
update your passwords also be careful
not to use the same password for
multiple financial institutions uh if
you get hacked at one or they get hacked
they potentially could then get into all
your other financial institutions and
you know drain your accounts you don't
want that the other task with that I
would recommend is keep as you're doing
this review like Rob suggested make sure
you use your tools most browsers
nowadays will tell you if you've saved
your password hey your password has
shown up on X andx hack um or your email
has go change those passwords don't
ignore those go out to those sites
legitimately go to those sites don't
click emails don't go through website go
to the email or go to the actual site
like if it's Facebook go to facebook.com
don't click the link in the email go to
the dedicated sites you will find nine
out of 10 times email communication or
text of some sort saying that your
account has been compromised is probably
social engineering or a hacker trying to
get your information when in doubt go
straight to the source make your changes
there or contact the institution that's
reaching out to you like Rob said he
went through and did the research
anything governmental they will not call
you they will send you a letter then
call go online or call your local uh
government office and ask them who to
talk to don't go through the
communication go through them and nine
out of 10 times uh you will find that
it's either valid or it's a scam but
that's the quickest way to kind of rule
out any third party mediators go
straight to the
source go ahead BR
sorry oh nothing go ahead you look like
you still you were on a roll I I did not
want to get in the way of your momentum
um so the other thing too and I've
noticed this like you rob more and more
is you know not just
mail email but I've started getting more
and more calls and texts from random
sources which is strange now if you have
an iPhone you can actually block a lot
of this uh I think Android Samsung's
getting better at that uh they've added
some new security tools look at your
devices you know if you have an uh like
an iPad an iPhone Apple there's so many
security things you can turn on that are
built into the device to protect you as
a consumer turn those on yes they may
become com an annoyance at the beginning
but once you realize the value do it
Microsoft especially there are so many
viruses targeting
PCS make sure that you are protected you
know get those antivirus softwares get
those uh spy blockers uh you know put
those tools on your computers you know
that is a part of this security review
that we're talking about make sure that
you protect your machines and your data
you do not want to be one of those
people that are victimized by a ransom
hack or Ransom attack where you can't
get to your information and they're
holding you hostage especially if you're
a big organization or building or uh
company what are your thoughts on that
Rob I I agree um I think those are it's
this is part of the the habits uh I do
want to point out that you know this is
typical of a of the professorial
background that Michael has is that we
say here's your homework and then he
adds three other homeworks on top of it
and I I may or may not be anti- Academia
we will leave that just a let the let
the jury decide that let the public
decide but those are all very key things
I think in particular and this is why we
do this this is why building better
habits is one of the things we're going
to talk talk about and this is why I
mentioned let's go ahead and start with
security awareness and do this on a
regular basis because the things that
Michael just listed out are the things
that you're going to see probably in
every single security awareness program
they're going to talk about things like
password complexity don't use password
or one two three or your dog's name or
something super simple like that use
something use complex stuff there are
tools to generate insane random
passwords utilize those things utilize
multiactor authentication where you can
it's not going to it's not the be all
and end all but boy it will help a lot
and it is very easy to to put that into
almost anything that you're dealing with
especially if you're building something
go ahead and utilize that if you if
you're tired of doing things and you're
like I've got too many things that I've
got to connect to then work on like you
know learn about single sign on and some
of those kinds of
things those steps are all very useful
steps to protect yourself and your your
data your company your family there's a
lot of these things that's just it again
goes to let's build better habits let's
have these things on you know in our
mind on a regular enough basis that we
can take some of these and we can build
on those habits and say oh yeah I need
to look into this regularly for example
if I'm going to do a monthly security
awareness catchup part of that may be
I'm going to go look back through and
see is there some passwords I need to
change or there you know there's some
sites that I need to close down or you
know to end my subscription am I getting
too many stinking emails from somebody
yeah those kinds of things I think are
going to be very valuable to you moving
forward which are why we want to do this
uh this whole season really is to say
there are these things that
we way too often I think we sort of feel
it's like a it's a oneandone or you know
maybe a one or two off and you just sort
of do it and it's like okay I'm I'm done
with it I've like I've learned that or
I've I I can check it off my box but
there's a lot of these things that we
actually do want to revisit on a regular
basis because things change because we
want to stay current with whatever that
topic is your
thoughts yeah and the other thing as
you're working on building these habits
you know keep track of them you know go
spin up a notepad or spin up a Wiki and
start keeping track of these things keep
a journal as we mentioned in the p as
you build these habits write them down
keep track of them as we go through the
season and a final thought on security
awareness is also if you're a business
look in your industry because there
might be some additional governmental
security things you need to be aware of
as
well so as a I guess we've given you an
action I I want to give you a little bit
of tools I did talk about just go out
and do a query on like security
awareness programs so I'm going to give
you two things here one this is even
bonus mat everybody gets this
one I've in the past uh and I've
recently it's probably been a year or
two I think the last time I updated this
is I've done some some research into the
the essay the security awareness world
for some of my customers and I have been
able to as part of that in some of the
conversations it's probably going to be
a little dated but I was able to get
things like pricing information and some
comparisons like what do they provide
what don't they provide what and there
is a when you get into this world there
is
a lot of stuff that they may or may not
provide because some of them also have
like learning management systems as part
of it and things like that so that you
can as an organization build your own
content into this program they've got
some of them gamify it some of them have
some sort of a you know it's more of a
uh like checking off a list and making
sure that you do regularly like you know
review the material or watch the video
or what whatever it happens to be shoot
us an email at info develop order.com
and say hey I would like to see your you
know that security awareness program
summary or overview uh you can take it
with the grain of salt because it may or
it may or may not fit your organization
but I will be glad to you know put that
together and send that out to you a
couple of names to just go with if you
if it's too hard to search first uh
something the the companies that stick
out in the in the past is uh nobe KN W
uh the be and then the number
four they do it and they have a pretty
uh they had a pretty good they were like
pretty good pricewise I think they they
tended to be on the lower the lower cost
and had a you know a pretty solid just
security awareness program mcast was one
that had a lot of good features to it
was one that I remember being a I think
it was actually a winner for the the one
customer that I was working with and
infosec is another one that they send
stuff out a regular basis and I and I
think the infos sec I I'm pretty sure
always does every year there's a it's
security awareness in October and I
think there's another month that they
send out just sort of like a free hey we
just want to make people more aware kind
of packet so you can get on their email
list uh Noble before I think does that
as well and I'm trying to remember uh
there was another one that disappeared I
think now it used it was like uh I don't
see them as I'm looking at a search it
was like security ninja or something
like that I wish I could remember what
that was wa what I'm going to do a quick
check there
ninja what was it
uh it may ninja iio there we go n i n j
IO um and there's was like just some
really fun videos it was really good
stuff
around uh security awareness and it was
again it was a little more expensive but
it was I think they were the ones that
they had it was like it felt like a
Saturday Night Live uh skit was a lot of
their you security and stuff like that
uh or I'm sorry no theirs are are more
there animated but it's usually you know
3 or four minutes of a good little you
know cartoon basically that walks you
through some of those programs so that's
some bonus material for you there's some
there's great places out there so that's
your uh your homework as we come into
this season is let's start off with go
spend a little bit of time and you know
get more aware on security Awareness
stuff is understand what's out there
take a look at a couple of the sites you
know throw it throw like a you know a
Spam friendly email address for you're
just like hey I just want to get
download some of their packets cuz you
can there's going to be some information
there that's free there are also as you
do the searches you're going to find I
think there's a couple of sites that
have free material they provide as well
so you may just want to dig into into
that that being said it is time for us
to wrap this one up not the season we
just did that this one we're just
wrapping up episode one of season 23
where we're going to be building better
habits so I'm really looking forward to
this actually since Michael threw this
out I know months ago it's like hey how
about this I've glommed on to it and
said I'm really looking forward to this
season I think it's going to be a really
fun one and it's going to be very useful
for us so as always shoot me an email
info developer.com check us out at
developer.com and go ahead and fill out
our contact us form we're out on X you
can go at develop anur if you want to
see sort of what's going on there uh you
can go catch us on wherever you get
podcasts you can subscribe to the
podcast wherever you get YouTube which
is YouTube you can go to YouTube develop
andur and you can go check out the
developer Channel where you can watch
these things and also all of our prior
material and and future stuff because at
some point we'll be getting back we we
do occasionally put some like tutorials
and things like that out there as well
that being said we're going to wrap this
one up talk to you next time around so
go out there and have yourself a great
day a great week and we will talk to you
next
time bonus
material so so
technical bonus material for the
developer side of things we have covered
uh arani I think I people complain I say
it wrong uh I have some videos out there
for this uh software tool that you can
put up that will analyze your software
find some bugs uh infos was a very good
one that you mentioned earlier and for
those of you uh that deal with
thirdparty dependencies oas.org ow
W
ASP I never say that right yeah o o
WP is a great free Tool uh that you can
actually plug into a lot of your
software development and it will you can
add it to your continuous integration so
as you do your builds it'll analyze your
dependencies and if any dependencies
have uh like a higher uh flag of
vulnerability you get flagged and then
you can go uh update your dependencies
or figure out how to fix the problem
I think I gave away enough of my bonus
material because this was that is a
bonus I the uh the little RFP kind of
thing I did it's a couple of pages I
talked
through sort of the highs and lows the
pros and cons of several of the the
programs are out there there are some
new ones that you know there a couple
more that have popped up uh but I think
it's something that and I actually go
back this is one of those things I go
back and review this material every so
often because I do every so often say
maybe I should go ahead and launch a you
know connect to one of the
and Implement a program in my
organization uh I've also thought which
is something I'll throw this is my bonus
material I'll throw at you is if this is
something that appeals to you and you're
doing some sort of Hi Side hustle or
something like that it may be that that
could be part of what you offer your
customers is that you say if you've got
a program set up in a certain way you
could say hey one of the things that we
do because we we want you guys to be
more aware this is something we're
pushing is that every customer gets
maybe uh an email address that gets that
is a part of your security awareness
program depending on how these things
are set up things like that because you
know it's a bonus there that you can
it's a little value ad you can give you
can probably offset whatever that cost
would be for that you know those that
email or those couple of emails uh with
the work that you're doing for them uh
and there's also take a look there are
some of those security awareness
programs that part of the deal is is
they bring in all their users they also
want to make sure that there's enough uh
there's bandwidth in there so that the
users can actually share links to family
members as well so that you can you
again it goes back to making more people
aware so I think we'll go with that for
the the bonus
material I have no idea what we're going
to step into next episode but uh we will
figure it out between now and then and
we will just get right into the building
better habits because I think there
there's a lot of things that I think
I've that I have in the back of my head
that we can we can offer I think
Michael's got some ideas as well so
between the two of us
we're going to be you know cranking on
this for the next you know quarter or so
or more and we'll see how it goes and
granted and I do want to go ahead and
throw out there as I guess bonus
material is that we are coming up on the
holiday season it's uh beginning October
right now and we will uh do the because
I I got to use my turkey gobble for
Thanksgiving and I got to use my sleigh
bells music for Christmas is we will
have like we will have the Thanksgiving
week specials and we have Christmas week
specials and probably New Year's as well
so we'll sort of get you know pause the
season a little bit for those and then
dive rank back into them so we'll be
mixing up a little bit as we go into
this season and have a couple of those
uh you know those special episodes that
we've you we've done now for many many
years that being said I think we're good
to wrap this one up so uh we'll just
catch you guys next time check back in
here we will be right back as far as you
know or two days from now or four days
now whatever falls into schedule some
point come back we'll be into the next
season go have yourself a good one
[Music]