Security and an agile way of working were two themes that were discussed at the WordPress Meetup in Norrköping on August 11 in Angry Creative’s new premises overlooking Motala ström.
Over 40 people came to the WordPress Meetup in Norrköping from as far away as Tampere in Finland and Oslo in Norway. It was a combination of WordPress Meetup and a housewarming party in Angry Creative’s new premises of 470 square meters that allows Angry Creative to double the current 16 employees.
At Angry Creative, the custom is to take off your shoes, so it was an unusually homely Meetup with lectures by Jimmy Rosén and Samuel Sapire, Angry Creative; Bjørn Johansen, Dekode and Toni Cherfan, cto Synotio. Pizza was followed by lectures, evening buffet and later air hockey tournament and open bar.
Bjørn Johansen shared his views on how to think in processes and layers to secure your WordPress installations. The main idea is that users should never be given more rights than they need and that processes and policies are required to secure WordPress.
-You must have a process for security. It is important to automate updates to WordPress so that they are always carried out, Bjørn Johansen said.
The whole process involves starting with educating users about security, installing WordPress properly on the servers, having auto-update turned on, having a policy for backups and a plan for when something goes wrong.
-“Security is not about installing a security plugin,” said Bjørn Johansen.
In fact, several popular “security plugins” are among the plugins that have had the most security holes in them, according to Bjørn Johansen.
Samuel Sapire, product owner at Angry Creative, explained how Angry Creative worked with agile development instead of waterfall development. Waterfall is the traditional way of working where what to develop is decided from the beginning while agile development means that the developers together with the customer decide along the way what to do.
-“We always want to work agile, but it can be a challenge to convince customers to work agile,” said Samuel Sapire.
One way to convince customers to the more fluid agile way of working is to tell them about successful agile projects and failed waterfall projects. In addition, it should be explained to the client that waterfall means that the contractor has to charge a risk premium in its quote.
-The success of an agile project depends on how good the communication with the customer is during the project. What is wanted at the beginning of a project is not always what is wanted at the end of a project. It’s all about delivering business value to the customer,” said Samuel Sapire.
Toni Cherfan from Synotio talked about their advanced hosting which is about providing a process that secures the hosting, updates, development and testing.
