Security or Convenience - Why Not Both?

Traditionally, security is all about creating obstacles and making it difficult to access data. This is at odds with our drive for a more smooth and faster development process. How can we keep the software we’re building secure without adding friction for engineers? Can security ever be something other than a costly nuisance? 

In this talk, I’ll explain how to create a foundation for security by design, go over quick wins at the cross section of security and productivity that most companies overlook, and share my tips for building secure software without sacrificing productivity.

You’ll learn how to:

  • Recognize patterns that promote security and those that hinder it
  • Avoid wasting time implementing practices that make no sense
  • Infuse a security mindset into your development process
  • Understand what your CISO wants and when to push back

Interview:

What is the focus of your work?

I’m the CEO at Authress and our API makes it easy to add login and access control functionality into your software.

What’s the motivation for your talk?

When we were defining the security strategy for Authress, the common advice out there was either too rigid and impractical, or a very shallow regurgitation of what everyone does. Not much has changed in the last few years - the advice you get is still the same, but the number and intensity of attacks increased globally for everyone. I wanted to fill that gap with a pragmatic view focused on the why, so that security is more accessible for everyone.

Who is your talk for?

Leaders and practitioners in any sort of enablement role who are curious about security, and disgruntled security people who want a fresh perspective.

What do you want someone to walk away with from your presentation?

I’ll share multiple little tips on securing your development process and I’m hoping everyone will find at least one thing they can immediately apply in their teams. My biggest hope, though, is to impart a way of thinking about security that you can fold into your work that will let you figure out what makes the most sense in your situation.

What do you think is the next big disruption in software?

While everyone has their eyes on AI, we seem rather oblivious to the increasing fragmentation of global markets and how it’s spilling into the digital space. We’ll see way more arbitrary boundaries set by different countries, forcing us to rethink not just our business models, but also how we make our software.

Speaker

Dorota Parad

CEO @Authress, Product and Team Builder, Test Enthusiast

Dorota is the CEO at Authress, your developer-focused auth solution. With 18 years of experience in different software roles, from coding, testing, UX, through product and engineering management, to business operations, she brings a down-to-earth perspective to complex topics people prefer to avoid.

Read more
Find Dorota Parad at:

Date

Tuesday Nov 19 / 01:35PM PST ( 50 minutes )

Location

Seacliff ABC

Share

Share Share

From the same track

Session Productivity

Productivity Lessons in Moving from Big Tech to Scaling a Startup

Tuesday Nov 19 / 10:35AM PST

Most productivity research happens in large tech companies. Many of the lessons learned there apply to the world of Startups as well, but some don't carry over.

Speaker image - Rachel Potvin

Rachel Potvin

SVP Eng @Sanity.io with 25 Years in Tech, Previously @Google and @GitHub, Engineering Leader Focused on Building Productive Happy Teams

Session AI/LLMs

Slack's AI-Powered, Hybrid Approach for Large-Scale Migration from Enzyme to React Testing Library

Tuesday Nov 19 / 05:05PM PST

With the Enzyme test framework no longer supporting React 18, migrating to React Testing Library (RTL) became imperative.

Speaker image - Sergii Gorbachov

Sergii Gorbachov

Staff Software Engineer @Slack, Specializing in AI-Driven Tools for Automating Code Migrations and Test Authorship

Session Engineering productivity

Inflection Points in Engineering Productivity as Amazon Grew 30x

Tuesday Nov 19 / 11:45AM PST

I joined Amazon in 2009, when we were a 3000-engineer company, and got to experience its fast growth from 3k to 90k engineers over a 15-yr period. During that time, our engineering productivity needs had a number of interesting inflection points.

Speaker image - Carlos Arguelles

Carlos Arguelles

Senior Principal Engineer @Amazon, 27 Years Experience in Developer Productivity Engineering, Previously @Google and @Microsoft

Session Research

Supporting Engineering Productivity for All

Tuesday Nov 19 / 02:45PM PST

Understanding what drives software development productivity is the key to making high-impact investments in engineering productivity.

Speaker image - Emerson Murphy-Hill

Emerson Murphy-Hill

Research Scientist at the Intersection of Software Engineering and Human-Computer Interaction, Former Googler and Professor

Session Engineering Efficiency

Shifting Left for Better Engineering Efficiency

Tuesday Nov 19 / 03:55PM PST

In this presentation, I will share two critical migration stories - one focuses on production monitoring and the other on production deployments with automated validations.

Speaker image - Ying Dai

Ying Dai

Principal Software Engineer @Roblox, Working on Improving Engineering Efficiency. Previously @Google & @LinkedIn