Day One at DrupalCon

Author: Jack Martin

DrupalCon Austin has lived up to all expectations so far. Day 1 was packed with great speakers who have extensive knowledge of Drupal. I am eager to get back to the office to start putting this new information to good use. In the mean time I have put together a little run down of Day 1 at DrupalCon so that everyone can get a taste of DrupalCon.

Session 1: Mission Impossible

This was a great opportunity to hear from the leads on the development team for MSNBCs new site. The panel included Jeff Robbins, CEO of Lullabot, Richard Wolffe, VP and Executive Editor, at MSNBC, John Keegan, VP Technology Strategy, NBC News Digital, and Karen Stevenson of Lullabot.

MSNBC faced a nearly insurmountable list of issues (hence the Mission: Impossible theme) that they needed to overcome to bring a truly world-class site to life. From design to development, they faced challenges that were both unique to a news and entertainment company and common to almost every site out there.

The representatives from MSNBC and Lullabot chose Drupal because of its solid core and flexibility. Developer Lullabot was able to utilize this architecture and its community support to deliver a solid product. They also give back to the community as well, having developed a number of Drupal components that we use every day.

Session 2: Securing the Stack: Hardening Your Drupal Deployment

This was a DrupalCon session for more of the technically inclined people. The session reinforced the point that site security is much more than just the software that runs your site; it is a ground-up proposition. From the very hardware your site runs on to the network that delivers your content, vulnerabilities exist everywhere in what’s referred to as ‘the stack’ (the stack being the hardware, the operating system, the software, pretty much everything that goes into running a web server).

Mark Stanislav of Duo Security was there to provide insights on how to keep your stack secure from a systems administrator’s perspective. To Mark, security isn’t a one-and-done task, it’s a constant process that requires diligence and discipline to stay ahead of an ever changing barrage of attacks.

Session 3: Securing Your Drupal Site: advice for site builders and coders

Two members of the Drupal core team, Greg Knaddison and Stéphane Corlosquet, did a great presentation on site security. This session was about what Drupal does for security and what we as developers can do to make sure these tools are being used.

A number of best practices were described as well as the functions within Drupal that can be utilized to make sure that goals and expectation are being met. A lot of sneaky things can happen from even trusted members of a site and we as developers need to mitigate these threats.

Session 4: A Developer’s Primer to Managing Developers

Joe Shindelar, Senior Developer at Lullabot, shared some of the problems and solutions he’s experienced during his time as a developer with one of the larger Drupal houses in the country.

Developers often time have a different mindset from the rest of the organization and work in different ways. Sometimes a bit of translation in the process is all that’s needed to help a product move through the system. An example given was simply changing the term MVP (minimum viable product) to ‘blockers’ or similar with a team in which he was involved. This changed the connotation of the goals from a bare minimum to an item that could be attacked and resolved.

Another excellent takeaway was that not every process fits every team. Processes like scrum are starting points in designing your workflow and that is the starting point from which you should tailor your plan. Team members and the way that they work should also be taken into account when deciding how your work should be done. Some people need direction and some should be given the latitude to decide what they’ll work on; being able to identify issues and the way people work on your team leads to better results.

Day One Summary

All in all day one was a lot to take in, but also a lot to take away. It has been exciting to meet the Drupal community as well as other agencies like us.

Stay tuned for more DrupalCon takeaways!

If you want to learn more about what we learned at DrupalCon, talk with us today!