Aug 1 2016

The benefits of the Drupal community and S8080’s maintenance and support

maintenance

 

Drupal is renowned for its flexibility and extensibility, proven by the sheer number of high quality modules available. By using common modules in Drupal deployments, we not only increase functionality quickly and easily, but massively reduce costs whilst benefitting from community security updates. This approach also ensures complete portability for our clients in the future. These are primary reasons why open source solutions are in such high demand.

The Drupal community has an exceptional security team that performs audits and manages the process of communicating their security update findings to module owners.

As an agency of passionate Drupal developers and active Drupal community contributors, every week S8080 get notifications from Drupal on any security releases along with alerts from other specialist tools we use.

These tools monitor all of the Drupal sites that we maintain, to identify all the relevant updates that need to be made to the Drupal core and the modules running on those sites – this ensures nothing is ever missed.

Our ISO/IEC 27001 secure development policies means we have strict protocols in place to ensure our website and online applications are patched quickly and to reduce exposure to any emerging vulnerabilities. When updates need to be made, we prioritise them based on severity and our team will deploy them to the sites that we mange for our clients. Our clients are therefore assured that their Drupal CMS is running the latest and most secure code.

How is Drupal and the modules kept secure?

If you are interested in understanding a bit more on how Drupal’s security team work, then this is a very interesting article: https://www.acquia.com/gb/node/2023186. Their infographic explains the process so well!

Drupal security release infographic

Source: Acquia.com

How does S8080 help the Drupal community keep Drupal secure?

Our Drupal developers are very active in the Drupal development community; it’s common for them to be working on modules and providing updates back to the community. For example, on the 20st April, a commonly used 3rd party module ‘EPSA Crop’ was announced to have a security vulnerability – initially no details were issued to allow the community to react.

This module allows editors to crop the images they upload to their Drupal site, so they don’t have to use third party graphics packages. The owner of this module was no longer available to maintain ESPA Crop, and therefore the central Drupal security team recommended that it should be uninstalled and no longer used. However this would mean that the thousands of sites using the module around the world would suddenly show images uncropped and full-size, causing websites to look terrible – something nobody wants.

This is where s8080 and the Drupal community came into play. We use EPSA Crop to provide an enhancement to the way users manage images in their site, we consider this module to be of importance to us and our clients, so as soon as we were notified of the issue we set about working on a fix for our clients and the whole community.

After quick initial investigations, before the details of the vulnerability were released, we spotted the potential problem and immediately started working on a fix for our Drupal sites and the community as a whole. We deployed the hot fix to the sites that we manage and support to protect them immediately.

Once the official security vulnerability details were released, we were pleased to find that our investigations were correct and we were able to submit our patches / fix to Drupal very early for review by the community. Along with our patches and those of other members of the community, an official fix was released. We then set about the process of updating all of our managed sites with the official fix.

In this particular instance, S8080’s proactive approach to security and our interaction with the Drupal community meant that our managed service clients benefitted from very early protection from potential hacking attempts. And without resorting to making their sites look dreadful by removing the module!

Just as importantly the community and other websites benefited from our work by getting a fix to the module very quickly.

We think this is a great way to work.

Feb 12 2015

How we do agile and lean development projects in our web agency

At S8080 we like to keep things lean and we like to get things done. How exactly do we like to get things done? By sticking to some key principals taken from Prince2 and Agile (why limit yourself to only one project management methodology!)

After the client alignment, UX and creative phase, we’ll have a big kick off session. This ensures that everyone on the team knows the end goal, how it can be achieved and their role in achieving that goal.

User stories and the agile wall

Once all is understood and all questions asked, the team will plan out the project by creating user stories, these are simply cards that contain a specific story, or goal. For example one story may be “As a student, I want to be able to view all books available”. Once all stories have been built up, the team as a whole will estimate how long each story will take to complete.

With all the stories created and work estimated, the team place the cards up onto the Agile wall. Think of the Agile wall as a huge ‘to-do’ list.

As the team work on a story they will pass through several stages from the ‘backlog’ to being ‘accepted / completed’. To ensure this process runs smoothly, the teams will have a quick 5-10 minute stand up in the morning, at these stand ups the team will work though any problems or ‘blockers’ that are stopping them from working.

Iterative approach and sprints

We keep our clients well informed by showcasing our work to date at the end of every iteration / sprint. This is a great opportunity to gather feedback early on in the development process, instead of the big reveal at the end. We couple these showcases with a weekly report, which contains contains a general status, dependencies, risks and any issues.

At the end of each sprint, we will perform a retrospective, this is the opportunity for the team as a whole to suggest how we can make improvements for the next iteration – and usually demolish a pack or two of Welsh cakes.

Because some customers require a fixed scope, time and budget we also provide a Gantt chart, this will contain a detailed list of the functional outputs along with any user testing, security testing, UAT and other dependencies. If there is any additional work to be added to the scope, this is simply dealt with via a change request.

Our key take away points are:

  • Encourage team communication through daily stand ups
  • Encourage team organisation through visible Agile boards
  • Encourage early feedback from the client by introducing end of iteration showcases
  • Encourage team performance with end of iteration retrospectives

Sometimes agencies can get too clogged up in ‘how to do Agile development’ to the letter instead of finding a method that works for them, after all, not all clients, teams and companies are the same.

Nov 13 2014

Working at S8080

Starting your career at S8080

 

We’ve recently had two new team members start working at S8080. Eric joined us as a developer from a small local design agency in September and Ernie joined us a technical project manager from Hewlett Packard in October.

Obviously, Eric and Ernie are not their real names, but we want to protect them from the constant hassle of recruitment agents!

Working at S8080 - our office

In their own words…

Eric, Drupal Developer at S8080

Started: early September 2014

Settling into working at S8080 has been both enjoyable and seamless.  Right from the first interview, I felt very comfortable talking about how I work and also learning how work is carried out by the team.  I was very drawn in by working as part of a team utilising Agile methodologies.

My induction allowed me to transition smoothly into working within the team; initially with time to familiarise myself with the technology and workflow that is used at S8080.  Coming from a small agency, it was often the case where I would have to do a considerable amount of research on particular aspects of development before beginning projects. Here at S8080, the team is only too happy to help and bounce ideas between each other, which, has been fantastic for picking up little nuggets of knowledge.

The office itself is state of the art, and is in a great location a stone’s throw away from Swansea Marina.  Personal development is a very high priority here, too.  There is plenty of material within the office to learn new skills or brush up here and there or even to keep on the desk as a reference.  I’m also studying an additional degree at Swansea University which S8080 are happy to let me attend once a week and provide any support I may need.

The atmosphere is very relaxed considering the fast-paced nature of our work.  The work itself is engaging and challenging.  Meetings are held every morning with project managers to ensure that we, as developers, have everything we need to check off all the tasks we have been assigned as part of our sprint for the week.

All in all, I have thoroughly enjoyed my first few months at S8080.  I have been made to feel very welcome and have already settled into the way the team works and I am always looking forward to the next challenge that our projects bring.

Ernie – Technical project Manager at S8080

Started: mid October 2014

I stepped through the door and was refreshed by the bright orange walls. I shook some hands and after being handed a cafetiere and 2 shortbreads I was ready for the interview, I say an interview, it was more of a sensible chat with some sensible down to earth people.

All went well and I was given a start date. The first few days were spent getting my bearings, meeting all the individual characters that make up S8080, setting up my shiny laptop and sipping from my new S8080 ‘e-tea’ mug.

Working at S8080 - e-tea mug

I was sent to work straight off the bat, no boring waiting around. The work processes are very agile, but if you think there is a better way of doing something, then you can just say so and they team will give it a go – no forms to fill in! The agile boards offer a great visual cue for the work that is going on and a focal point to discuss tasks.

The office is set in a huge open-plan, light airy room and when it’s time for lunch you can take a walk around the marina and take in the good sea air.

Since settling in I’ve learned the people are great, the work is great and the location is great – With the local gym being so close I can even come in early for a quick session!

Aug 8 2014

Perspex Agile / Scrum boards

We are moving into our new larger offices this weekend and today we had our agile boards installed – all seven of them, each 2 x 1 metres.

We couldn’t find any to buy, so we designed our own and had a local sign company make them up for us in clear Perspex.

agile scrum board s8080

agile scrum board s8080

agile scrum board s8080

Sep 30 2009

Job in Wales – we need a project manager

Project Manager

(6 months contract to cover maternity leave).

One of our project managers is taking six months off to have a baby and we are looking for someone to help cover her workload while she is away. It’s a six month contract, beginning in December 2009.

You’ll be joining our project management team, who are all PRINCE2 qualified (but don’t worry if you aren’t) and working in a creative digital media studio environment (building large websites), working for a very diverse range of interesting and demanding clients.

We are looking for a very, very organised person with great written and verbal communication skills. You must love writing  to-do lists and making sure everything gets ticked off on time. You’ll be in daily contact with our clients and working closely with our consultants, designers and developers, making sure projects run smoothly, get finished on time and within budget.

You’ll be able to follow tried and tested procedures, but also be able think on your feet. If you have a technical background, or at least an understanding of how websites work, that will be an advantage. If you have any previous project management experience, that’ll be good too, although definitely not necessary.

The role is office based, in Swansea’s SA1 waterfront location, within easy reach by road, train and bus.

Drop an email to jobs@s8080.com. Address it Chris and Matt.

We look forward to hearing from you.

Please, please, please – we don’t want to hear from any recruitment agencies, thank you.