This past weekend, I had the privilege to participate in Cleveland GiveCamp 2016. We completed 20 projects – mostly web sites on WordPress, Weebly, Wix, SquareSpace, Strikingly, Drupal… to name a few platforms. There were a couple projects that weren’t websites – including one where they were helping the non-profit with scraping data. For me, my heart and mind lived primarily in the arena that has been intriguing me again – security.
Why Security Seems Scary
We always joke nervously (and most secretly fear) about the hackers with the USB sticks and the malware they’re going to get us with. We worry about the phishing when we realize that the email we clicked on was indeed a scam. That person sniffing our network traffic, learning where we live because we filled out an unsecured form, and then doing stuff with that information – we fear that. The bad things… the way media spins it… these things are scary. The hackers are portrayed as bad. Security guys are seen as scary… because so many people see the bad. They tend to forget that as many bad guys are out there, there are good guys who care about those who are vulnerable. This weekend, I had the privilege to assist some of the good guys who were there to check our work for vulnerabilities and make sure that our non-profits were secure.
My Security Ah-has
This weekend, I found myself challenging my fears a little. This is what I’ve learned about myself:
- I appreciated learning from them. My fears are actually my feeling vulnerable and like an impostor because I don’t have mad hacking chops like they do. I also have a lot of respect for this group in particular – super knowledgeable and truly caring about helping the non-profits. In reality, while I may still feel vulnerable, I have to realize that a developer/IT skill set and set of eyes can be a helpful thing.
- I actually had fun writing PowerShell to help the GiveSec team out, so much so that I think I may see what else is out there and how I may be able to contribute.
- I understand security enough that I was pretty angry when I had to say Security is so much more than just making sure credit card information is secure. Yes, I had to explain this, and even more infuriating was having someone still walk away, not understanding our concerns and dismissing it as a parade of scare tactics. *sigh*
So this year at Cleveland GiveCamp, I learned a lot about security teams and the various things they deal with. I hope that I continue to follow my curiosity based on what I learned over GiveCamp and see if my dev ops mindset blossoms more this year.