Pitfalls to avoid when improving your software development skills
Limited Time Offer!
For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!
Source: helpnetsecurity.com
The dizzying pace of technological change makes knowledge acquisition and skill development a very big deal in the IT and IT security industry. Luckily, the opportunities for both are myriad, but how to pick the right ones for you?
Older, more experienced professionals in the field of your choice can help point you in the right direction, and thatās why Help Net Security has decided to pick the brain of Dylan Beattie, whoās not only an experienced software developer, but also the CTO at Skills Matter, one of the largest communities of software engineers, who share their experience and challenges in daily talks, discussions and workshops.
Beattie started programming when he was about eight, he wrote his first web page in 1992, and graduated from the University of Southampton with a degree in Computer Science in 2000, just in time to watch the first dot-com bubble burst.
He got a job building data-driven websites using classic ASP then, a few years later, moved to London to join Spotlight, where he worked for nearly fifteen years: building a team, migrating their stack from classic ASP to ASP.NET MVC, moving from on-premise to cloud hosting, using continuous integration, APIs, microservices, and so on.
These days, in his role as CTO at Skills Matters, heās managing the development team that maintains the organizationās web platform and heās involved in lots of their tech conferences and the work they do to support the meetup community.
āSome ten years ago I started going along to software meetups ā I was really struggling with ASP.NET WebForms and decided to try a meetup or two to see if anybody else was having the same problems; that got me involved with the London .NET User Group. On the back of that I started doing user group talks and speaking at conferences, initially just local stuff here in the UK, and now I speak at events all over the world about a whole range of topics, ranging from .NET and software architecture to development culture and the environmental impact of modern technology.ā
Choosing sources of knowledge
When it comes to things like information security, network and routing configuration, site reliability engineering ā i.e., all those things that are important for the day-to-day running of most of our platforms and services ā certification programs have definite value, particularly when itās the platform or system vendors who are providing the certification.
āI also suspect thereās a degree of stability in things like enterprise networking hardware which makes a certification program a much more manageable prospect ā certainly when compared to things like modern web development, which is a constantly-evolving landscape that shows no signs of calming down any time soon,ā Beattie opined.
āOn the other end of the IT spectrum is the extremely creative work related to things like machine learning and quantum computing: stuff where we are probably still years away from anything youād consider an industry standard or ābest practiceā. Iām very dubious when I see people offering things like āblockchain certificationā, because I genuinely donāt see where the value is.ā
Still, he thinks that the biggest value in certification is that it gives the student a way to direct their own learning. āOne of the biggest challenges I hear from people right across the IT industry is that they struggle with motivation, and I know people who have had great results by enrolling in a certification program just to give themselves a deadline and a target to work towards,ā he noted.
Learning resources are also plentiful and easily accessible these days: whatever you want to learn, chances are good that you can go online and easily find online documentation and tutorials, blog posts, structured courses and YouTube channels that will help you.
Beattie says thatās where the real value is: multiple different channels through which you can source knowledge.
āIf Iām learning a new language or platform, Iāll often use an online tutorial to try something out and build my first prototype or demo application, then Iāll buy a book to fill in the gaps in my understanding and give me a more balanced view of whatās actually possible with it ā and, of course, Iāll be looking on Stack Overflow and other online resources every time I get stuck,ā he explained his own process.
āIām also lucky enough that Iām connected to a lot of very smart tech people through social media, so if I get stuck I can always jump on Twitter and ask āhey internet ā can anybody help out?’ā
Advice for those just entering the IT industry
The modern IT industry spends a lot of time talking about microservices, JavaScript frameworks, cloud, serverless, but all these things are just the latest wave of abstractions to ride on top of a set of core principles that havenāt evolved all that much over the last 20 years, he says.
Itās better for novices to pay attention to the basics: learn how a relational database works, learn a solid object-oriented programming language such as Ruby or C# or Java, learn about HTTP and learn how to use HTML and CSS to present information.
āThose are the cornerstones of almost all modern software development. Once youāve got your head around the fundamentals, all the trendy stuff makes a lot more sense because youāll understand where itās coming from, and what problems it was intended to solve,ā he explains.
He also warns about not getting sidetracked by someone elseās infectious excitement.
āThat sounds weird, I know ā but IT is full of people who love sharing what they do, and often youāll talk to somebody who has recently started using a new framework or a new technique and thinks it is absolutely amazing, and canāt understand why everybody else isnāt using it as well. Iāve got caught up in this a handful of times during my career ā and the risk is that, even if theyāre correct, the problem theyāre solving isnāt the same as the problem youāre solving, and you can end up investing a huge amount of time in building the wrong thing,ā he says.
āYouāll probably walk away from it with some extremely valuable experience, so it wonāt have been a complete waste of time, but youāre very unlikely to end up with high-quality working software unless you take the time to research multiple approaches and evaluate them against your own priorities and requirements.ā
Pivotal career experiences and lessons learned
It wonāt come as a surprise to anyone who works in software development that one of Beattieās pivotal career experiences is the first (and so far the only) time he accidentally dropped a production database.
āSo much of the rigor and discipline around treating software development as āengineeringā can introduce what feels like friction into a development process ā writing unit tests, deploying to a sandbox environment, waiting for integration tests to complete ā and the temptation is always there to think āHey, this is such a tiny change, maybe I can skip all that.ā But then I remember the time I accidentally nuked the production database and remember that all those checks and balances are there for a good reason,ā he says.
Another one is transitioning from working as a solo programmer to working as part of a team.
Almost all the code he wrote until his mid-twenties was done by working alone. No pair programming, no code reviews, no planning sessions ā he would just talk to the users, work out what they wanted, build it and ship it. But when Spotlight hired a second programmer around 2006, he had to start learning and thinking about how to work effectively as part of a development team.
āItās always challenging, because the feedback loop that exists between your brain, your keys and your code is always going to be orders of magnitude faster than anything involving conversation or documentation. But what Iāve realized over the years is that the code isnāt actually where you can create the most value,ā he says.
āEven the best codebase in the world has bugs, vulnerabilities and dependencies that will need to be fixed ā and that comes down to what sort of team youāve got maintaining it and how well that team can prioritize and coordinate work. For most businesses, thereās far more competitive value in having a strong, cohesive team who can respond to changes and deliver things quickly than there is in shipping another ten thousand lines of code that nobody understands.ā
Finally, one thing that he likes to impress on others (and that doesnāt discussed often) is the total cost of ownership of modern software. The IT industry, he feels, puts too much emphasis on writing code and not enough on what that code is actually going to cost over the entire lifetime that itās running in production.
āPart of the problem, I think, is that software developers only get involved in those discussions after the decision has been made to create a new app or build a new feature ā and so weāre not really in a position to challenge the decision. But as an industry, we definitely need to think less about how fast we can write new code and think more about how we can maintain and manage the code thatās already out there,ā he opines.
Challenges the educational industry targeting IT will have to meet
Developing software and building systems doesnāt and shouldnāt happen in a vacuum and developers (current and future) need to be taught to take a more holistic view of the work they will be doing.
The educational industry can help with that and offer courses that will push them to think about user experience, code maintainability, information security, ethics, and data privacy.
Another challenge the IT industry in general has to address is how to who donāt consider themselves developers and help them realize that thereās opportunities for them in the IT industry as well.
āWe donāt just need coders to help us create more software, we need site reliability engineers to help us maintain it, we need designers to help us make it usable and accessible, we need copywriters and editors working on our interfaces and documentation, we need psychologists helping us develop better user experiences and ethicists helping us navigate the complex implications of modern technology,ā Beattie points out.
āUnderstanding the basic principles of software development and modern information networks is essential, but our industry needs so much more than just more people cranking out code.ā