Insights and Technology

<div><p>Though policies on pay transparency are not very common yet, an increasing number of companies are looking into it. They recognize its benefits, as much for the working environment as for talent acquisition. For current and potential employees, it helps to understand the criteria that underpin their compensation, their ranking compared to coworkers, and their advancement potential within the company.</p><p>This decision to go for pay transparency was motivated, first and foremost, by our commitment to a workplace that is equitable and fair, where all employees feel comfortable working. An evasive pay-scale based on obtuse computations inevitably fosters suspicions of inequity, which erodes the trust between employees and employer. What’s more, transparency is a mighty weapon to fight systemic inequities, such as the wage gender gap. Statistics Canada’s 2022 survey results show that women’s average hourly pay is still a sizable 11.1% less than men’s.^*</p><p>More than a window into current pay practices, mapping each person’s salary potential helps her or him set expectations. For those whose expectations are higher than what our pay grid allows and who have reached a ceiling, a mutually-agreed discharge might be the next step. As dire as that sounds, not facing it merely puts off the inevitable disappointment and resentment. In most cases, those whose expectations match well with our salary grid find a strong incentive to keep investing time and energy to reach new professional goals.</p><p>This transparency is also practiced externally, in all <a href="https://www.spiria.com/en/career/">our job postings</a>. We list every position’s pay scale, which is determined by the calculation grid. This is meant to avoid potential disappointment and to offer a good-faith vision of a likely trajectory. This excuses applicants whose expectations don’t fit with who we are, thus avoiding a fruitless discussion.</p><p style="text-align: center;"><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10859/vignette.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10859/vignette.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10859/vignette.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/10859/vignette.webp" style="width: 70%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>But such transparency doesn’t happen overnight. To pave the way, we had to review the salary grid, identify any inequities, then make adjustments to remedy them. This deceptively difficult task took over a year. Before disclosing any numbers, we spent several months explaining, answering questions, and improving the process based on feedback.</p><p>Developing a salary grid, as you can imagine, isn’t as easy as just inserting random figures in a spreadsheet. It was in fact a labor-intensive, sensitive process, which we paired with a steady flow of communication to all involved. We came up with a logical, equitable and justifiable grid that takes into account the company’s financial situation, while being competitive. Once the grid was made public, we met with each employee individually to discuss her or his position on the pay scale, the reason for that ranking, and what her or his options might be for further development.</p><p>This was definitely a big project that mobilized many of us, but it was worth it. Real salary transparency is now a cornerstone of our workplace based on mutual respect and trust. This initiative meshes with our goal to be a human-scaled company that is accountable, that listens closely to each and every one, and that works on building a contemporary and unique work culture.</p><p>(*) In 2021, women aged 25 to 54 earned an average of 3.79 CAD (11.1%) less per hour than their male counterparts. In other words, women in that age group earned 0.89 CAD on the dollar. [<a href="https://www150.statcan.gc.ca/n1/pub/14-28-0001/2020001/article/00003-fra.htm" title="https://www150.statcan.gc.ca/n1/pub/14-28-0001/2020001/article/00003-fra.htm">Reference</a>.]</p></div>

<div><p>InSpiria, which we covered <a href="https://www.spiria.com/en/blog/spirian-news/inspiria-2022/">in February last year</a>, is our annual company event where we reflect, learn, dream and have a bit (OK, a lot) of fun.</p><p>Because this year also marks our 20^th anniversary, we invited Spirians from across the country to celebrate in Montréal. In keeping with our hybrid work policy, we included streaming capabilities for people who could not attend in person. And as a thoroughly Canadian company with deep roots in French-speaking Quebec, we also provided real-time interpretation for attendees that needed it, whether in the venue or online. Basically, so many failure points were bound to make happy accidents inevitable.</p><p>Instead, what happened was something truly magical.</p><p>We’ll admit, there were some unforeseen difficulties. The swag shipment got delayed. On our way to pick it up, we got in a car accident. The shipment was further delayed. The fire department had to rescue a dozen of us stuck in the elevator. We ran out of food the first morning. Snowfall hampered the mobile application used for the Missing-Player game.</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10621/elevator-2.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10621/elevator-2.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10621/elevator-2.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/10621/elevator-2.jpg" style="width: 100%; border-style:solid; border-width:1px;" alt="Merry Spirians stuck in the elevator." title="Merry Spirians stuck in the elevator."></source></source></source></picture></p><p>Merry Spirians stuck in the elevator.</p><p>Nonetheless, 100% of attendees answering our post-event survey said they had a good time. You read that right: one hundred percent! We enjoyed the guest speakers, the internal presenters, a <a href="https://seriousplay.training/lego-serious-play/">serious play</a> session, and a gala. In short, there was something for everyone.</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10621/broc-n-roll.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10621/broc-n-roll.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10621/broc-n-roll.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/10621/broc-n-roll.webp" style="width: 100%; border-style:solid; border-width:1px;" alt="InSpiria 2023." title="InSpiria 2023."></source></source></source></picture></p><p>InSpiria 2023. Photo Eva Blue.</p><p>Full disclosure: we had a lot of help from an <a href="https://en.360lagence.com/">agency</a> that specializes in creating amazing events. Planning these events without help is hereafter out of the question! But what else have we learned from inSpiria 2023?</p><p>First and foremost, even diehard introverts like me need to socialize. Sure, it took me a week to recharge my batteries, but it was SO worth it.</p><p>Second, we’ve created a monster. Everyone in attendance felt that five years until the next all-staff conference is too long a wait (our last mass meeting was <a href="https://www.spiria.com/en/blog/working-environment/spiria-turns-15/">in 2018</a>...).</p><p>Third—and perhaps most important: We are a decentralized company with very strong local cultures, yet our collaborative mindset shines through. Spirians love working together, regardless of where they hail from. This collaboration is indicative of our strong bonds, which in turn enable us to deliver on the promises we make to our clients. Because at Spiria, we firmly believe that a top-notch CX (customer experience) begins with a strong EX (employee experience).</p><p style="text-align: right;">Stéphane Rouleau, President &amp; CEO.</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10621/inspiria-group.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10621/inspiria-group.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/10621/inspiria-group.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/10621/inspiria-group.webp" style="width: 100%; border-style:solid; border-width:1px;" alt="InSpiria 2023." title="InSpiria 2023."></source></source></source></picture></p><p>InSpiria 2023. Photo Eva Blue.</p></div>

<div><p>According to figures from IDC (International Data Corporation), two out of three companies have already begun the migration process, and most others plan to do so within the next three years. However, as with any major change, migration to database-as-a-service (DBaaS) comes with some risks that must be carefully considered. Without sufficient vigilance and risk mitigation, such a migration can lead to cost overruns and delays, and as a result, the expected business benefits are slow to materialize.</p><p>We explore seven of the most significant risks associated with migrating a database to the cloud: security, compliance, sovereignty, data integrity, performance, cost and lock-in. We also provide information on how to mitigate these risks and ensure a successful migration. By understanding and addressing these risks, organizations can access the benefits of cloud databases while minimizing potential negative impacts.</p><h2>Security </h2><p>One of the biggest concerns when migrating a database to the cloud is security. Data stored in the cloud is more exposed to hacking, breaches and unauthorized access. To mitigate these risks, companies should ensure that their DBaaS provider has robust security measures in place, such as encryption, multi-factor authentication and regular security audits.</p><h2>Compliance </h2><p>Companies that store sensitive data, such as personal or financial information, must comply with regulations such as HIPAA, PCI-DSS or <a href="https://www.spiria.com/en/resources/understanding-the-gdpr-requirements/">GDPR</a>. If the vendor does not meet these necessary regulatory requirements, migrating a database to the cloud poses a risk for the company.</p><h2>Sovereignty </h2><p>Data sovereignty, which is becoming increasingly important due to new data regulations, is the concept that data is stored and managed in specific geopolitical locations. When a company migrates its database to the cloud, it might not control where its data is stored and processed, which exposes it to the risk of non-compliance with data-sovereignty laws. To mitigate this risk, companies should ensure that their cloud provider offers storage and data processing in pre-specified geographic locations.</p><h2>Data Integrity</h2><p>When migrating a database to the cloud, there is a risk of data loss due to human error, system failures, and other unforeseen mishaps. To mitigate this risk, companies should have a disaster recovery plan in place and regularly back up their data.</p><h2>Performance </h2><p>Migrating a database to the cloud can also lead to performance issues, such as slow query times and network latency. This can be due to improper configuration, insufficient resources, or lack of monitoring and optimization. To mitigate these risks, organizations must work closely with their service provider to ensure proper configuration and sufficient resources.</p><h2>Cost </h2><p>The costs associated with using a DBaaS might not be obvious over the medium- to long-term. Pricing models are not always transparent and price increases can creep in. Also, expectations of performance optimization can prompt a company to ask the supplier to increase the input/output operations per second (IOPS), the computing power or the memory size, quickly leading to cost increases and significant repercussions over the long term.</p><h2>Lock-In</h2><p>When an enterprise migrates its database to the cloud, it becomes dependent on a DBaaS provider to store and manage its data. This can lead to being locked in to a situation where the technology is proprietary, meaning that the company cannot easily move from one provider to another without significant cost or disruption. The data becomes trapped in a solution, to so speak. To mitigate this risk, companies should choose a cloud provider that offers flexibility and allows for easy data migration. It is also recommended to avoid the use of proprietary cloud tools that do not effectively support data replication to other platforms.</p><p>To summarize, migrating a database to the cloud has many benefits, such as cost savings, scalability, and increased accessibility, but it also comes with some risks that must be considered and mitigated. Companies should choose a cloud provider that offers robust security measures, compliance with necessary regulations and the ability to store and process data in specific geographic locations. In addition, companies should have a disaster recovery plan in place, regularly back up their data and work closely with their cloud provider to ensure proper configuration and sufficient resources. While risks properly speaking are not a sufficient reason to shy away from DBaaS, it is important to consider them up front, understand them thoroughly, and mitigate them as part of a carefully considered migration strategy.<br> </p></div>

<div><p><strong>Spiria: In our work as software programmers, we use the term <i>technical</i> or <i>technological debt</i> to refer to potential costs accrued by using shortcuts in code development. If delivering a project on time and on budget gets tight, for example, we sometimes choose to circumvent problems rather than solve them. These weaknesses add up in the code and in the architecture. The day comes when they have to be accounted for because they’ve combined to compromise the stability, performance, security and scalability of the system. They are a sort of concealed loan that eventually needs to be repaid. But doesn’t the idea of technological debt go beyond just applications?</strong></p><p>Carlo Rossi: Absolutely. The debt embedded in <a href="https://www.spiria.com/en/services/purpose-built-development/custom-software-development/">software applications</a> is just the tip of the iceberg, with underlying technological fault lines having an impact on the entire organization’s ship. A company’s deferral of its operations overhaul can result in a different kind of debt. Many companies, for example, haven’t yet made the leap into digitization. They’re still working with paper or with electronic documents that aren’t interactive and that get passed around, which reduces efficiency. We review all operations looking for chronic pain points, and we often find the solution lying just below the surface of technology.</p><p><strong>What’s the reason for the delays? Why are companies sometimes hesitant to change tack?</strong></p><p>The problem isn’t new. During my training, I became fascinated with the Toyota Way, whose aim is to track down waste, to work smart and to establish a long-term vision. But many companies are still worlds away. They are reluctant to overhaul their processes in depth and so the problems remain. An analysis carried out in April 2022 by the firm Raymond Chabot Grant Thornton lists several factors:</p><ol> <li>Many companies take a conservative view of their way of doing things.</li> <li>They don’t quite understand the processes that make up their operations.</li> <li>They’re not aware of the benefits of certain technologies.</li> <li>They fear change and risk, which is understandable. They’ve heard the horror stories of tech launches that ran aground.</li> <li>And finally, they often lack in-house staff with the skills to set off on a digitization plan.</li></ol><p><strong>So where does one begin?</strong></p><p>With an in-depth analysis, an audit, which usually starts by listening to the people in the trenches. But to really listen, it helps to get the help of a consultant who can ask the right questions. By hearing the employees talk about their day-to-day, this consultant will quickly pinpoint places for improvement. In other words, before you make any decision, you have to identify, target, and plan, of course. Take the case of <a href="https://www.spiria.com/en/our-work/arhoma/">Arhoma</a>, for example. This neat bakery had a hard time reliably filling its many restaurant and grocery-store orders. Spiria experts spent a few days with the employees who handle the orders. The consultants then recommended a customized solution whose sole focus was the order-taking process, which eventually combined the delivery logistics and billing.</p><p><strong>Are custom solutions always the way to go? Aren’t there turnkey solutions that avoid having to reinvent the wheel?</strong></p><p>Yes, and it’s the consultant’s job to make sense of them. As a matter of fact, we recently met the CEO of a clothing manufacturer who wanted to make his sales reps’ work easier on the road. Each was patching together a product catalog to show to potential clients. After analyzing their needs, Spiria found an extant solution that fit the bill perfectly. Technology is so democratized now that it’s quite common to come across an existing, serviceable solution.</p><p><strong>Some payroll systems have been tried and tested, so there’s no point in starting from scratch. Sometimes this kind of solution means having to change your M.O., but that can be a good thing.</strong></p><p>For sure. However, the best solution is often a custom-made solution, entirely tailored to specific needs. It’s important to really consider all the possibilities before opting for one thing over another.</p><p><strong>CEOs would point out that the custom solution is also the pricier one.</strong></p><p>Yes and no. With good planning, the ROI quickly becomes tangible. Before I came to Spiria, I worked on the opening of the new McGill University Health Centre (MUHC), where I was responsible for setting up a supply system. We realized that there were too many stakeholders and hurdles involved in the restocking of equipment. We pinpointed what could potentially be automated, namely purchases of basic medical supplies such as syringes, dressings, fluids, etc. No one has to press a button to renew this type of stock anymore! By figuring out where to prioritize the investment, we found substantial savings while making everyone happy.</p><p><strong>And when one solution works out, companies are motivated to optimize further processes.</strong></p><p>Exactly! One of the benefits was that staff came to see automation not as a loss of responsibility, but as an opportunity to dedicate themselves to tasks that are more in keeping with their skills, rather than the drone of filling out forms all day. Then we aligned the management of patients’ medical records and transportation for the three hospitals that had merged. In addition to standardizing forms and creating IT solutions, staff also needed computers and other work tools such as tablets, across all departments! A digital transition doesn’t stop at software improvement.</p><p><strong>In software development, we often talk about continuous improvement.</strong></p><p>Same goes for businesses. Technology can help you along, but it has to be thought out and planned. It can be fun!</p><p><strong>So you need a game plan.</strong></p><p>Exactly. If you try to tackle everything at once, you’re headed straight for an organizational and budgetary pile up! As we say at Spiria, don’t be afraid of just rooting around and checking out all the options, and then just go for it, keeping in mind the end goal. All told, technical debt is directly linked to companies’ digital maturity. You can’t assimilate new technology, whether automation, robotization, cybersecurity or other cutting-edge tools such as integrated information systems, without a shift in operations and culture.</p><p><strong>Thank you Carlo for this enlightening discussion. So next up is a talk about companies’ digital maturity.</strong></p><p>My pleasure.</p><h3>Online resources to get you started</h3><ul> <li><a href="https://www.rcgt.com/en/on-the-move/essor-program-support-business-development/">Essor Program</a>.</li> <li><a href="https://ised-isde.canada.ca/site/canada-digital-adoption-program/en">Canada Digital Adoption Program</a>.</li></ul></div>

<div><p>However, agility is essentially a workplace culture that turns the entire team’s focus on the project’s success. This subtle difference is summarized in this quote:</p><p><em>“There are two kinds of teams: the ones who DO agility and the ones who ARE agile.”</em></p><p>In this article, we look at the Sprint Planning, which in my experience is often deemed the least important ceremony. Sprint Planning is the key to transforming a team that fails its sprints into a top performer where all members develop professionally and enjoy their experience.</p><h2>A Ceremony for Team Building</h2><p>In too many cases, Sprint Planning is a short meeting in which the Product Owner (PO) or the Scrum Master decides the number of stories that will be included in the sprint, based on the estimated team velocity. These meetings last only 15 to 30 minutes and generally lead to failed sprints, low-quality code, team disengagement, and volatile commitment to the project or its success.</p><p>Instead, Sprint Planning should be the developers’ ceremony rather than the PO’s or the Scrum Master’s. It’s the moment when developers take matters in their own hands in view of the upcoming sprint. The PO and the Scrum Master are not excluded from the meeting, but they need to understand that their influence has to stay limited:</p><ul> <li>The PO answers questions if needed.</li> <li>The Scrum Master ensures good practice.</li></ul><h2>Towards a Sense of Ownership</h2><p>By taking control of the Sprint Planning, developers cultivate a sense of ownership that will lead to commitment, responsibility and accountability. This change is not caused by restrictions, hierarchical pressure, or apprehension, but because the team voluntarily commits to the delivery, and people inherently want to keep their word and succeed in creating superior quality products. The sprint is the team’s group effort, and the team obviously wants to be proud of it. All the practices we talk about further in this article help develop and anchor this mindset.</p><p>As mentioned earlier, Sprint Planning for many teams mainly consists in selecting a set of stories to reach a given number of points for the sprint. However, the purpose of the ceremony is to ensure a successful sprint by engaging the team and preventing miscommunication. To reduce the risk to a minimum, the team needs to share an understanding of each story in terms of :</p><ul> <li>What it should accomplish;</li> <li>How it should be developed;</li> <li>How long it should take.</li></ul><h2>Time Over Points</h2><p>To reduce the risk, the simplest method is to allow the team to divide each story into subtasks with a time estimate. Doing so benefits the team and the sprint in several ways:</p><ul> <li>Listing the subtasks for a story lets the whole team see what should be done and how. New members to the team will quickly learn how things work, and any team member can take a story and complete it satisfactorily. The team’s global knowledge increases.</li> <li>The team can and should challenge subtasks added to a story to ensure that the envisioned solution is the best. Challenging and improving subtasks allows the whole team to participate and improves team knowledge, cohesion, commitment, and trust.</li> <li>Estimating the time for each subtask ensures that: <ul> <li>The actual workload will fit within the available workforce.</li> <li>Misunderstandings are detected: if two developers come up with a different estimation, it’s probably because there is a difference in their understanding of what is to be accomplished and how it should be done. Resolving this misunderstanding early will prevent the story from having to be re-coded or corrected later.</li> <li>Time tracking that shows the progress of the sprint will immediately reveal any problem in development. It’s nearly impossible to detect sprint issues by tracking the progress of the sprint using story points.</li> </ul> </li></ul><p>Tracking the progress of a sprint using subtasks’ time offers a major advantage over tracking using story points. Because stories are completed close to the end of the sprint and story points are removed only when the story is completed, any issue becomes visible when it is too late to handle the situation, as illustrated in the drawing below.</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/9302/typical-sprint.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/9302/typical-sprint.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/9302/typical-sprint.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/9302/typical-sprint.webp" style="width: 100%; border: none;" alt="Typical Sprint." title="Typical Sprint."></source></source></source></picture></p><p>On the other hand, when we track the time spent in subtasks, we notice the time burndown diverge from the ideal burndown line as soon as a task takes longer than estimated. The team can proactively and constructively solve the problem. It helps the team’s morale because rather than endure failure at a point when nothing can be done, the team can act and decide how to minimize the impact on the sprint. It strengthens the team spirit, the sense of control, and the commitment to success.</p><h2>An Opportunity to Grow Together</h2><p>Even if a sprint ends in failure, ultimately, the outcome will be positive because the team has worked together to reach a goal and has learned from its errors. Failure should always be handled as an opportunity to improve and strengthen the team, and not as a source of bitterness and recrimination.</p><h2>Conclusion</h2><p>Sprint Planning is not a ceremony to decide what story to put in the sprint, but a ceremony to build the team, create commitment and accountability, and plan for success. A few hours spent on a Sprint Planning are always a worthwhile investment in the success of a project.</p></div>

<div><p>Montreal, June 15, 2022 — Spiria is proud to announce a collaboration with the British Columbia Milk Marketing Board, Alberta Milk, and Dairy Farmers of Manitoba that resulted in the design and development of a state-of-the-art enterprise-grade dairy transportation data collection system.</p><p>The British Columbia Milk Marketing Board, Alberta Milk, and Dairy Farmers of Manitoba are key players in the dairy supply chain in Western Canada. These organizations manage milk collection from producers and delivery to processors. Thanks to the <a href="https://www.spiria.com/en/our-work/milk/">new mobile and web applications developed by Spiria</a>, it is easier and faster than ever for milk haulers to enter volume and sample data at the farm and drop-off data at the plants, assured that this business-critical data is securely delivered to the milk boards’ transportation teams in real time. On the transportation team side, the board staff have real-time visibility on milk routes and volumes, enabling them to make on-the-fly routing decisions and assuring quality compliance throughout the transportation process.</p><p>“Spiria is not only a partner but an actual member of our group. From day one, we felt that we had access to a trusted advisor who could not only deliver what we wanted, but also help us create things that we thought were out of our reach,” said Freda Molenkamp-Oudman, General Manager of Alberta Milk. “Having the opportunity to develop a platform for one of Canada’s finest institutions is something we are extremely proud of. Optimising a complex process like this one, through design and custom software development, is really what we love to tackle at Spiria,” mentioned Stéphane Rouleau, President and CEO of Spiria.</p><p>Most importantly, this collaboration marks the beginning of a successful and potentially long-term partnership between leaders in the dairy and software development industry were Spiria is committed to continue advising the British Columbia Milk Marketing Board, Alberta Milk, Dairy Farmers of Manitoba on technology-related challenges while maintaining and improving the system.</p><h2>About British Columbia Milk Marketing Board</h2><p>The <a href="https://bcmilk.com">British Columbia Milk Marketing Board</a> has the authority to promote, control and regulate the production, transportation, packing, storing and marketing of milk, fluid milk and manufactured milk products within British Columbia.</p><h2>About Alberta Milk</h2><p><a href="https://albertamilk.com">Alberta Milk</a> is a non-profit organization that represents Alberta’s dairy producers. They are a non-profit, farmer-driven organization, guided by a board of directors and delegates, whom are all dairy farmers running family farms. Solely funded by Alberta’s dairy farmers, Alberta Milk supports those farmers to produce safe, nutritious food in an economically, socially and environmentally sustainable way.</p><h2>About Dairy Farmers of Manitoba</h2><p><a href="https://dairyfarmersmb.ca">Dairy Farmers of Manitoba</a> is a non-profit organization that represents and is financed by all dairy farmers in the province. All dairy farms in Manitoba are family-owned and operated. We are committed to producing milk according to the highest standards of quality.</p><h2>About Spiria </h2><p>Founded in 2003, <a href="https://www.spiria.com/">Spiria</a> is a software development firm focused on helping companies successfully execute digital projects through strategy, design, and custom development. Their experts work with leading brands on building game changing digital products, optimizing processes, and generating growth through digital transformation. </p><h2>For Further Information:</h2><ul> <li>Spiria: marketing@spiria.com</li> <li>Alberta Milk: Magan Madden, mmadden@albertamilk.com</li></ul></div>

<div><p>A huge shout out to Andreea Bobaru, Erika Randall, Isabelle Thériault, Julia Correa, Laura Blanchard, Magali Bélanger-Bonneau, Vanessa Galiana and Zakia Messaoudi for taking some time out of their busy day to share their experiences with us, as well as their thoughts and hopes.</p><p><b>We can’t help but notice that a minority of women hold jobs as <a href="https://www.spiria.com/en/services/purpose-built-development/custom-software-development/"><b>software developers</b></a>. Do you think this has changed since you started your career? </b></p><p>Laura’s observation is that more women are getting into digital, but Zakia has noticed a gap in Quebec. “I find that in Quebec, there aren’t many women in software development. There were more women in my computer science studies program outside of Quebec.” When she started her career here, she mentioned this to women colleagues who had a few more years’ experience. They mused that “the numbers had gone up at some point, but then fell again.”</p><p>Vanessa is seeing tentative progress, but it’s not enough, of course. “There’s more awareness and a better acceptance of the issue. It’s become easier to talk about our concerns and challenges. The support isn’t always as concrete as I’d like, but the situation is improving.”</p><p><b>How can we improve diversity and the inclusion of women in traditionally male-dominated fields? </b></p><p>Magali feels that mutual support and solidarity will lead to progress. “I think it’s important to create communities within companies in which women can share the challenges they face with each other. It’s so reassuring to realize that we have allies!”</p><p>Julia recommends reaching out to young people “by taking part in school activities in some way or another, such as science fairs. Women programmers from <a href="https://www.spiria.com">Spiria</a> should go speak about the work they do here, how they got here, the challenges they deal with and the opportunities that have helped them along.”</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-01.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-01.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-01.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-01.png" style="width: 100%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>Vanessa agrees that what young people hear is critical. “You have to start them early, encourage girls, and present them with ideas, topics, and jobs they might not even know existed.” What’s more, she asks men to pitch in. “I would also like for men to reach out to their women colleagues. Support them in meetings, echo their words and ask them to share their thoughts.” Basically, Erika is putting out a call. “Give women a voice and a platform. Stand up for them. Amplify their voices. Let women know that they’ve already succeeded in moving the needle in the software industry and that they’re helping open the way to a more inclusive future. Let them blaze a trail and others will follow. Show women that their point of view is valued, and that sexism, deliberate or not, is no longer tolerated.”</p><p>Zakia commented that “We can’t hire women who aren’t on the job market. Unfortunately, there aren’t many women in our field”, and complemented Julia and Vanessa’s suggestions: “Children should become aware of the field earlier in life. Secondary school is better than nothing, but it’s already too late in some cases, when the choice of what to do or not do has already been made. You need more activities and workshops in primary school, and ideally, it should be part of the curriculum.”</p><p>For her part, Laura thinks that Spiria should make a more sustained effort to place women in positions we’re not used to seeing them in – in the IT department for example, or in the role of Dev Lead.</p><p><b>Do you think that women bring a specific added value to the field of software development? </b></p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-08.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-08.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-08.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-08.png" style="width: 100%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>According to Zakia, we have to look at things in a broader context: that of inclusion and diversity. “It’s not only the specific things that women contribute, but also the diversity that comes in their wake. With greater diversity, we gain more ways to approach and solve problems. We’re also overlooking the concept of generational mix. We usually talk about what the most senior can teach the more junior, but we forget to mention young people’s contribution: a fresh outlook, spontaneity, new points of view and ways of operating. Sure, that makes us question ourselves sometimes. But let’s not forget how much richer an encounter between different cultures, lifestyles and experiences makes us.”</p><p>Andreea is convinced that women bring a different and essential perspective, and that their workstyle within a team tends to be more imbued with warmth and humanity.</p><p>Based on Julia’s experience, women are more organized and meticulous than men, both important qualities she looks for in software development.</p><p>Isabelle has found that you get a better product when software is developed in teams that are not homogenous. “To better meet the varied expectations of a multiplicity of users, you need a diversified team with divergent skills who value and see things differently. We usually attribute qualities such as cooperation and empathy to people who identify as women. These capabilities are an undeniable asset on a team.”</p><p>Erika is on the same wavelength and adds, “It’s crucial to have multiple points of view when developing software. The solutions and products we come up with must reflect users’ needs, and these users and their needs are as messy and complicated as we are. If we understand users and can stand in their shoes, anticipate their needs and solve their problem, then our work will be that much more effective, and we will have a greater impact. An entire perspective would be missing without women in the field of software development.” She goes on to say, “Though it’s definitely not a gender-related quality, women usually bring to software development a deeper emotional intelligence, and an elevated level of communication and empathy.”</p><p><b>At some point in your career, have you ever been treated differently because you’re a woman? How did you respond? </b></p><p>Though some on the panel hadn’t encountered this dismaying scenario, it was unfortunately not the case for everyone.</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-09.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-09.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-09.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-09.png" style="width: 100%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>Magali: “No, since I started my career, I’ve been fortunate to work with inclusive groups and managers who wanted their team to shine. Ultimately, regardless of gender, the least we can ask for is a respectful work environment.”</p><p>Zakia isn’t sure she’s encountered this, but perhaps that’s due to her outlook. “I might have been in this type of situation, but I always attribute the cause to something else. By not paying any attention to this kind of barrier, I haven’t penned myself in. I do what needs to be done, to the best of my ability, and then a little more, and things naturally follow. If you fixate on problems, you’ll inevitably encounter them. A good place to start is using positive thinking and persistence.”</p><p>Julia has averted these situations, at the cost of wearing an armor that she’s now trying to shed. “I was lucky in that I don’t think I was ever treated differently, but I also think it’s because people saw me as a strong person who wasn’t afraid to say what she thought and to raise her voice to be heard. This trait gave the impression that I was hard and thick-skinned. At first, that didn’t bother me. Perhaps my behaviour was a direct reflection of my work environment, or perhaps I didn’t want to appear insecure. Eventually, I realized that that wasn’t the way I wanted to be perceived. I wanted to change and to learn to assert myself without coming across as aggressive. Some of the key elements on this professional and personal journey were, and still are, having a solid team I can trust and who trusts me, noticing the behaviours I no longer want to engage in, and understanding that asking for help and being vulnerable is fine. It’s a continuous improvement process that makes it possible to adapt to the changing realities of a world in constant flux.”</p><p>Andreea, on the other hand, has seen a difference in how she was treated and changed her habits in order to be heard. “It’s so strange to be a woman in her twenties and to take part in meetings organized by and for men who neither want nor need my opinion. So we tend to speak louder, to be more articulate, less emotional and generally more masculine than we would otherwise be, just so we can express our ideas and opinions.”</p><p>Laura dealt with discriminatory treatment, not within the company but at the hands of a client. “Yes, I had a client who was clearly misogynistic, who didn’t speak to me as he would to other men. The way he saw it, I was inherently incompetent. A few years ago, this kind of behavior could deeply affect me, to the point that I sometimes lost confidence in myself. But now, with maturity and experience, I am able to take a much more detached approach to these situations. I tell myself that I can’t take ownership of people’s problematic behaviors in general, and that it doesn’t concern me. It helps me move forward and stay focused on my goals!”</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-02.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-02.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-02.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-02.png" style="width: 100%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>Erika’s experience leaves no room for doubt. “Absolutely, 100% affirmative. I experienced all kinds of situations. Whether it was having my abilities or my experience dismissed, being mistaken for an assistant, getting interrupted mid-sentence, my contributions being ignored, being called “emotional” when I insisted on making myself heard… And then being subjected to inappropriate comments and advances from both clients and colleagues (…) I learned to be firm, to hold my ground and to defend my interests. I civilly and indirectly refer to my experience and the reason why I’m here. Generally, I start from the premise that most people do not intend to harm others and are not aware of the impact they have. (…) When it comes to inappropriate comments, we must adopt a zero-tolerance policy. Women – and men – need a safe space to flag these issues internally and to receive the necessary support to get out of an undesirable situation.” Erika clarified that this zero-tolerance policy should be fully applicable to clients as well, even if it means risking a relationship with the client or losing an account.</p><p><b>Have you noticed a glass ceiling in our field? What is your advice for women who wish to pursue a leadership role in a predominantly male field such as software development? </b></p><p>The glass ceiling doesn’t limit people based on gender alone, says Isabelle. “Several demographic groups bump their heads on the glass ceiling: women of course, but also older and younger people, and new Canadians. Inclusion is a long-term goal that requires perseverance given that humans are the way they are – meaning, more inclined to gather with like individuals, as several studies have shown.” Isabelle’s advice to those groups is to rely on their expertise and credibility. “People who are committed to and passionate about their work will find it much easier to break through this glass ceiling. Besides, shouldn’t management teams be exclusively made up of this type of person?”</p><p>Zakia points out that the ceiling isn’t necessarily where you expect to find it. “Truth be told, I never saw a ceiling, except when I built it myself…”</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-03.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-03.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-03.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-03.png" style="width: 100%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>To rise to a leadership role, Magali recommends above all else taking risks and taking full responsibility for your career goals. “Get rid of the imposter syndrome by any means. You must acknowledge your successes and be unafraid to take credit for them. Talk to your manager about your hopes, and together work out a plan to develop into the role that you see yourself in. The key to success is preparation, work, and communication. Ask nothing, get nothing.”</p><p>Julia confirms that one must take risks and be unafraid. “Speak up, assert yourself, prepare to argue your case, and be yourself! People can sense when someone isn’t being true to themself.”</p><p>Vanessa also mentions self-affirmation. “I strongly encourage you to express yourself when something’s not right, even if it’s hard, even if no one is listening. It’s about speaking your truth so that at the end of the day, you can be satisfied that you did what had to be done. Each time you do this, you’re helping to pave the way for another woman. Change isn’t instantaneous, be patient. It’s a long game so don’t give up.”</p><p><b>So then tell us, what are the key qualities necessary to become a good leader? </b></p><p>Magali, who has a leadership role at Spiria as Finance Director, shares tips based on her own experience. “In my mind, a good leader practices transparency and integrity. You have to instill a sense of trust in your team and I’d even add, to dare to influence people, to encourage them to leave their comfort zone and take risks. That’s how a team grows and projects reach the next level. Needless to say, you have to surround yourself with the right people. Even better is when people on your team are the experts in their field. Delegate so these experts contribute their points of view, and they will certainly move the project forward more effectively.”</p><p>To build this kind of trust, Zakia recommends that we “listen with empathy, but above all, stay true to ourselves. There should be no disconnect between what we say and what we do.”</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-04.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-04.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-04.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-04.png" style="width: 100%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>The concepts of empathy and integrity recur frequently. “Empathy, integrity and listening skills are, I think, essential qualities in a good leader. And I’m pleased to say that I notice these qualities in Spiria’s management team,” says Julia.</p><p>Laura maintains that good leadership starts with listening, experience, and effective speaking skills. For Vanessa, this involves not only listening skills but also the ability to inspire and motivate. “A good leader leads by example. They inspire those around them, they challenge them, but above all, they listen. Strong leaders are transparent and own up to their mistakes. They are their team’s biggest fan and, when push comes to shove, they step up and stand up for their team.”</p><p>“Good leaders should have a clear vision of the assignment. They should be able to communicate this concisely while also incorporating the team’s ideas in the strategy. Easier said than done! Above all, it takes a lot of self-confidence to set clear and realistic goals,” explains Isabelle. “Also, a generous dollop of humility helps when adjusting one’s strategy to take into account the ideas that colleagues bring to the table.”</p><p>In the early ‘70s, Robert K. Greenleaf introduced the concept of “servant leadership.” Ever since she found out about it, Andreea is a vocal proponent. “Someone recently turned me on to the notion of servant leadership, and I wonder where it was my whole life! It embodies everything in a good leader: nurturing, present, at the service of the team, and especially, they get that they’re not the center of the universe. A project doesn’t go far with just managers with no worker bees, just as a company is only a logo without its employees!”</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-07.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-07.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-07.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-07.png" style="width: 100%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>And last, Erika thinks along the same lines. “A good leader makes room for colleagues to take risks, to make informed decisions and to develop their innate competencies. They trust their team and support it through thick and thin. Their approach to leadership is human-centered.”</p><p><b>What are your hopes and forecast for the future of the tech industry? </b></p><p>Obviously, our panel unanimously wants more women and more inclusivity in the field, especially in leadership roles. Erika brings ethics to our attention. “Just because you can do it doesn’t mean you should. We must be mindful of technology’s impact as it increasingly permeates our daily lives.”</p><p><b>What is your advice for the next generation? </b></p><p>Andreea: “Check your insecurities, imposter syndrome and tendency to want to please people!”</p><p>Laura: “Stay true to yourself and your beliefs.”</p><p>Isabelle: “Dream, work, stick to it and be giving! Hard work isn’t fashionable, but to feel pride in yourself, you have to surpass yourself, and that requires effort and perseverance!”</p><p>Julia: “In these chaotic times, we can’t underestimate the strength that comes from understanding our past. As with work, we learn from experience, our own and that of others. Ask for assistance, you don’t have all the answers. We are stronger and less pressured as a team. So reach out as soon as you feel the need for a helping hand.”</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-05.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-05.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-05.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-05.png" style="width: 100%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>Vanessa: “Don’t let anyone, least of all yourself, dim your light. You have so much to offer, let it shine. You’ll inspire others to do the same. Don’t play in the hands of society that pits women against one another. We are stronger together.”</p><p>Zakia: “Do it! Leave your comfort zone and your beaten path, blaze your own trail!”</p><p><b>And finally, what inspires you?</b></p><p>Andreea: “The kindness and courage of decent people. The beauty of our planet. And the unconditional and guileless love that dogs have for their humans.”</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-06.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-06.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-06.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8508/interview-cite-en-06.png" style="width: 100%; border: none;" alt=" " title=" "></source></source></source></picture></p><p>Isabelle: “I’m inspired by people who have simple yet innovative ideas that help their community and society as a whole. I’m so impressed with those who find a way to execute a project that initially nobody believed in. You know, those stories about people who persevered to realize an impossible dream. I’m a sucker for all stories about passion, courage and perseverance, and I try to include those values in my journey.</p><p>Julia: “People working together, helping each other, and having fun while doing it. Work hard, play hard.”</p><p>Laura: “Seeing women fight to abolish stereotypes. Noticing the freedom of speech around feminist concepts and approach in general — and for once, this is where I find that social networks have an immense power of positive influence. And to witness that change. Slowly, for sure, but it’s shifting.”</p><p>Vanessa: “I’m very inspired by the immigrant women in my family and those I’ve met throughout my life. The reason I’m here in this country today is because of the sacrifice and arduous work of Carmen Estrada, my grandmother. I often think of her when things get difficult. She fought to work at a bank when she was quite young. She supported her family financially after her father was murdered for speaking out against the dictatorship in Spain. Everything she did, she did it for her family. To me, she was sweet Grandmother, but as I grew older, I realized the extraordinary strength this woman had. On a lighter note, I’m inspired by the kindness of strangers. When they seemingly have nothing to gain, it’s truly a good deed.”</p><p>Zakia: “Challenges. To feel that you can make a difference in the quality of people’s lives and in their professional development. And especially, to make their work life more motivated and fulfilling.”</p></div>

<div><p>The Docker Hub database projects that first struck me were PostgreSQL, MySQL, MongoDB… And then there were the devops tool: Jenkins, SonarQube, Maven, etc., which I had heard of so often. Then, the programming languages: GCC, Golang, Rust,Julia. Linux distros, web frameworks, analytics… you name it. The list of dockerized technology is long.<br> <br>Each project through Docker Hub follows the same pattern: multiple versions, basic commands, a link to the source project web site, a configuration to get the user started, and warnings where applicable.<br> <br>The projects have a single point of configuration and a single persistent data location on the host drive, usually set up as a volume outside the container. This addresses some issues that plagued legacy systems, such as configuration parameters spread across multiple locations (registry, env vars, ini, xml, json files) and db parameters. This is such an improvement. It makes it a lot easier to learn the configurations and eases the adoption curve.<br> <br>Comparing two configurations or versions of the same framework on the same host used to be nearly impossible. Now, it can be done. One dockerfile/docker-compose per configuration, a couple of port numbers, and a volume location change – that’s all you need!<br> <br>You get the point, right?<br> <br>The benefit of this normalized ecosystem is that anyone can quickly learn a tool. It won’t make you an expert, but with the tutorials and digital courses available on the web, you will become proficient. This will accelerate the learning curve of dockerized-technology.<br> <br>Docker seems to privilege open-source projects, as these clearly outnumber the proprietary software on Docker Hub. I suspect software providers have already flagged this, given the number of proprietary software images that have started to appear on the hub. This will put pressure on cloud providers to integrate Docker containers in their service offer. Sure, some cloud providers already offer some form of support, but is this support as easy to use as Docker itself?<br> <br>Docker might come across as not always suitable for production, mainly for security reasons. Docker dev team would do well to address those concerns and to simplify its security configurations. <br> <br>Docker’s didactic qualities make it the platform to successfully deliver a technology — especially an open source one — to the public.</p></div>

<div><p>The first two editions of <i>inSpiria</i>, held on our 10^th and 15^th anniversaries, were in fact mainly social events. As we grew to encompass multiple offices and projects, it became more important to gather to meet distant colleagues, some of them for the first time. While the second edition featured more learning activities than the first, it was still first and foremost a social gathering.</p><p>Then COVID19 happened.</p><p>Overnight, all Spirians started working from home. Fairly quickly, we decided to fully embrace hybrid work policies. Whenever our local governments allowed it, we reopened our offices but did not enforce physical presence. You could work in your pyjamas every day (ideally at home!) if you wanted to. Because of this policy, we started recruiting across Canada, which in turn further reinforced our hybrid work policies.</p><p>Which brings us back to <i>inSpiria</i>. Originally a once-every-five-year event, we toyed with the idea of making it annual. Midway through 2020, when most everyone worked remotely, it became apparent that we had to do something. So we adapted and came up with the virtual conference format used in 2021 and 2022.</p><p>These four days are absolutely jam-packed. We have our own version of the ubiquitous Town Hall meeting, which we’ve named the <i>Broc ‘n Roll</i> (because, reasons), external speakers on a variety of topics, but where <i>inSpiria</i> truly shines is that Spirians step up to speak, host, present, organize, the works!</p><p>Communities of Practice gather to align and work on their various specialties, project teams showcase their awesome work in our Knowledge Fairs, everyone debates random topics during employee-favourite Unconference sessions … the event’s agenda has something for everyone.</p><p>Did we completely flip <i>inSpiria</i> from a social event to a learning event? Not at all! At Spiria, we truly believe in having fun. I’ve heard some employees describe it as “serious fun”: we definitely don’t take ourselves too seriously. Though learning events are social as well, <i>inSpiria</i> also includes exclusively social events, given the limitations imposed by online attendance.</p><p>Next year will mark our 20^th anniversary, which coincides with the five-year mark since our last in-person <i>inSpiria</i>. Our plan, health safety rules permitting, is to hold a fully hybrid event. Spirians who wish to gather at a yet-to-be-disclosed location will be welcomed, and we’ll ensure that we have live feeds of key events for our remote, pyjama-wearing colleagues.</p><p>This type of event is not cheap, and the hybrid version will be even more expensive. However, we strongly believe there’s a better way to look at it: <i>inSpiria</i> is not an expense, it’s an investment! We are constantly working to improve the CX (Customer eXperience) we provide, and our NPS scores justify those efforts. We think that a strong CX requires an equally strong EX (Employee eXperience), and <i>inSpiria</i> is but one element of this experience.</p><p>Besides, what’s the point of it all if you’re not having fun?</p></div>

<div><p><b>Spiria: Security is often implemented as an afterthought at the end of the <a href="https://www.spiria.com/en/services/purpose-built-development/custom-software-development/"><b>software development</b></a> cycle. What are your thoughts on this?</b></p><p><b>Garett Spencley-Sales</b>: Security deserves primary consideration. It needs to be dealt with upfront, whereas there’s a tendency in our industry to think of security as a technical problem to be overcome. There’s also an assumption that, “Well, if there’s a security problem, it’s a bug because the developers didn’t code correctly.” That’s a disastrous way to think about security. You’re leaving yourself wide open to all kinds of issues. In order to address security properly, you need to do the risk analysis upfront and you need to identify your most valuable assets. Whether it’s customer data and information, company systems—whatever you’re protecting, or whatever would be a liability if it were compromised—you need to identify those things before development even starts.</p><p>Threat modeling should also be complete before you get underway, so that if development goes sideways, you can say, “Okay, here’s how we anticipated these fault lines; these high-risk assets could be attacked and potentially compromised, but here are the features we included in order to protect them on the technical front.”</p><p>And then, of course, organizations need to be aware that technical risk is but one of the risks they run. Over the decades, we’ve seen so many attacks that preyed on social vulnerabilities rather than on technical ones. Even today, phishing campaigns, which are social attacks, not technical attacks, are one of the most common ways to compromise a system.</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/think-cite.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/think-cite.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/think-cite.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8222/think-cite.png" style="width: 100%; border: 0;" alt=" " title=" "></source></source></source></picture></p><p><b>Clearly, the concern for security starts well before any line of code is written. The considerations run from the choice of tools and frameworks to the definition of the requirements, right?</b></p><p><b>Garett</b>: Sure. You need to think of security as an important feature. You can’t just assume that the system will be inherently secure. What it means to be secure varies from project to project. It depends on what the risks are and what needs to be protected. What does security entail for your system and for your data? It’s not cookie cutter, as every project will have different requirements. When you understand what your priorities are, you can treat security as a feature and you can make sure that it’s addressed from the start. Then the tools, the processes and the systems you use will be the right ones to solve those particular problems.</p><p><b>Integrating security into the software development cycle without slowing down the project is a time-consuming task that comes with its own cost. Don’t you need extra hands to maintain the timeframe? Does that make it a bigger investment? </b></p><p><b>Garett</b>: Getting security right inevitably comes at a cost. Properly developing features and software costs money. But if we treat security as an afterthought and problems as bugs, this will add even more to the cost.</p><p>When dealing with security, bugs are especially harmful because they represent a huge liability for businesses, who could face regulatory fines, lawsuits for breach of privacy if user status is compromised, or a market loss because of a decreased level of trust in their service. Security has many financial implications for a company.</p><p>So that projects don’t grind to a halt, the smart way to go is to handle security as a feature from the get-go. This way, you ensure that those types of bugs are caught early, when they can be addressed cheaply, quickly and efficiently, instead of developing an unsecured system because no-one felt security was a prerequisite. You don’t want to be saying after the fact, “Oh no, we have to do something about our security problem, but we can’t because the system wasn’t designed to do what we now need it to do.”</p><p>So the unfortunate answer is yes, you do need to invest a little bit more upfront. But the business reason to make that investment is that this will potentially save you a massive amount of liability. And if you want to do the cost-benefit analysis, then do that risk assessment upfront. Identify what’s most valuable and what your liabilities could be, because if you don’t, you’re taking a huge risk without even being aware that you’re at risk. And that’s what we’re seeing now with all these ransomware attacks, breaches and so on.</p><p><b>If you don’t tend to the security aspect continually, you accumulate a kind of technical debt, right? Could you talk about “security debt” and what problems such a debt creates?</b></p><p><b>Garett</b>: You could frame it as a type of technical debt. But now, luck unfortunately enters the picture. Out of sheer dumb luck, some companies never find themselves targeted. They don’t suffer those liabilities and they don’t pay the cost of technical debt. But if you do get breached, if there is a vulnerability at the technical level and you only address it after the fact, other security vulnerabilities in your system will also come to light. It wouldn’t be inappropriate to consider that as a form of debt that eventually comes due.</p><p><b>In order to minimize this debt, would you say that it is better to have several minor slowdowns during development than one major one at the very end?</b></p><p><b>Garett</b>: Well, the topic of slowdowns is an interesting one, because I think there’s an implicit expectation that the system will be secure. We expect security because we recognize that we are dealing with risk. Whether it’s a product company or a client contracting an agency such as Spiria, nobody commissioning a project intends to buy unsecured software. I would argue that planning for security is not a slowdown.</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/security-cite.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/security-cite.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/security-cite.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8222/security-cite.png" style="width: 100%; border: 0;" alt=" " title=" "></source></source></source></picture></p><p>Security is a feature, whether it’s treated as such or not. The smart thing to do is to treat it as such, and bake that in the cost of developing the software’s features. You have to build the security and that just comes with a cost, which is that of developing the features.No one needs an unsecured system that will cost the company in terms of liability, or cost our customers, which blows back on the company as well.</p><p><b>That’s all well and good, but in practice, how does it work? You’re a senior developer with a lot of experience, you’ve seen many projects and teams. Do things always work out that way? Is security truly integrated into the development process?</b></p><p><b>Garett</b>: To be honest, in my observation and experience, security is all-too-often not considered at all. It simply doesn’t enter the conversation. Companies race to go to market with shiny features that they expect will make them a lot of money, while security is never mentioned. Or if it is, it tends to be brought up by developers who understand that, “Hey, you have risks here. This database has an insane amount of customer data and information, but there are actually very few access controls and measures in place to safeguard it.” The typical answer is “That’s a very good point” and “We swear we take it seriously,” but it’s not a priority right then. It’s something they want to get to someday, but that day never comes.</p><p>It’s no surprise to me, because we software developers and engineers have been raising these concerns for the twenty years that I’ve been in the industry, and now I’m like, “I told you so.” We predicted that there would be more large-scale attacks, data leaks and breaches, such as the ransomware attacks that are making the news.</p><p>Forgive my bluntness, but I don’t think things will really improve until business leaders face jail time. There are simply no consequences. It’s a matter of risk assessment. Managers, business leaders, and executives who are not particularly tech-savvy believe that it takes some sort of genius like you only see in the movies to compromise a system. They think, “This can’t happen to us.” But anyone who doesn’t treat this seriously is putting the system at risk. Any system can be breached if someone is determined to get in. If you skip the risk assessment, you don’t know what’s vulnerable and what you need to safeguard, and everything is left exposed.</p><p><b>So we’re seeing that the benefit of going to market quickly to give users new features outweighs the risk of fines related to database breaches, for example…</b></p><p><b>Garett</b>: It’s out of sight, out of mind. I think it’s not even considered early on, when in fact that’s when it should be highlighted. Security should be included as a feature. Clients assume that they’re buying a secure system, but security is never mentioned during the discovery phase or during planning. We’re never given documents that outline the risk assessment and threat modeling, nor are we ever asked to do that modeling. I’ve never seen a report that said, “Here’s the threat modeling, the risk assessment, our priorities, so here’s what we have to put in place.” Security consulting agencies are hired to do that in some cases, and I did it once when I was on a project for a major US bank that had its own systems in place.</p><p>What’s more, I recently listened to someone’s lecture who is contracted by banks to do physical security assessments. They hire him to deliberately try and rob the bank, to see what the bank would do in case of an attack. He found that even banks’ physical security is much weaker than one would expect. He argues that if they can’t do physical security right, then there’s no way they can do digital security either. If planning for security features isn’t deemed important, the liability becomes the incentive.</p><p>It’s assumed that developers will write secure code, but policies to control access to database servers have little to do with code. That’s one potential attack vector; then there are social attack vectors, infrastructure attack vectors … there are many ways to compromise systems. It varies between projects and between systems. You can’t proceed through planning with assumptions only, because you won’t get it right, you won’t recognize what the risks are.</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/broken-cite.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/broken-cite.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/broken-cite.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8222/broken-cite.png" style="width: 100%; border: 0;" alt=" " title=" "></source></source></source></picture></p><p><b>Do you have specific recommendations?</b></p><p><b>Garett</b>: That depends on the project and on the system. I’m going to sound like a broken record, but the primary recommendation is to do the threat modeling and risk assessment because without that, you don’t know what your maintenance requirements are.</p><p>Some organizations have done their risk assessment upfront only to decide that the legacy systems didn’t represent much of a risk. The worst-case scenario isn’t so bad if someone were to attack them. Those legacy systems can be left as-is because no serious damage could be inflicted, while there might be other systems within the company and network that are much higher priority and that deserve full attention.</p><p>Risk assessment is also a cost-saving measure, because companies can use it to define their liabilities and then prioritize their maintenance efforts accordingly.</p><p><b>To go back to the question, which was how to integrate security into the software development cycle without slowing down the project, is that a catch-22? If it requires more time, people, and maintenance, do we run around in circles? Or is the solution to do it upfront so that you can plan for the right amount of people and a realistic timeframe, so things go smoothly?</b></p><p><b>Garett</b>: If this software is expected to be secure, the question becomes “How do I write fully-functioning software without slowing down the dev cycle?” And that is the fundamental problem that every project manager faces, whether they’re talking about security or anything else. How do you plan the development of software that functions correctly, and how do you develop it on a tight schedule without introducing delays? You do that by planning for security upfront. If you treat it as any other feature, if you identify the important security requirements, then you can plan their development instead of circling back to fix an unsecured system.</p><p>It’s much more efficient and cost effective to do that little bit of work upfront and to bake it in as part of the planning and process. If you leave it for later, you’re basically thinking wishfully, hoping that it’s not going to be too much work to somehow magically make your system secure when you haven’t even identified what security means for your project and your system.</p><p><picture><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/develop-cite.400x0.webp" media="(max-width: 599px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/develop-cite.760x0.webp" media="(max-width: 999px)"><source type="image/webp" srcset="https://mirror.spiria.com/site/assets/files/8222/develop-cite.1039x0.webp" media="(min-width: 1000px)"><img src="https://mirror.spiria.com/site/assets/files/8222/develop-cite.png" style="width: 100%; border: 0;" alt=" " title=" "></source></source></source></picture></p><p><b>Thank you so much for your time, Garett. Your advice was straightforward and enlightening. Do you have anything else to add?</b></p><p><b>Garett</b>: I’d summarize some key recommendations and takeaways. Do the risk assessment upfront to identify what your highly valuable assets and your potential liabilities are, treat security as a feature and add that in the project planning. It won’t necessarily be hugely expensive. As a matter of fact, it’s probably much cheaper to do that first-thing. Develop with security in mind from the start, rather than trying to secure an unsecured system after the fact.</p><p>Organizations should start thinking about security concerns as a potential liability issue. One of two things will happen: either high insurance premiums will become part of normal operating costs, or companies will finally take measures to get security right by treating it as a priority from the get-go.</p></div>

<div><p>A quick search will turn up some solutions, but they all have limitations. For example, the solution outlined in this <a href="https://stackoverflow.com/questions/37542803/how-to-implement-checkbox-in-header-of-qtreeview">stack overflow question</a> only supports a checkbox and, even then, only one per table. Another <a href="https://www.qt.io/blog/2012/09/28/qt-support-weekly-27-widgets-on-a-header">proposed solution</a> also only supports a checkbox, but at least it’s a good place to start.</p><p>Taking our cue from the second source, we build on it with these goals in mind:</p><ul> <li>Support for any type of widget.</li> <li>Support for multiple columns, each having its own widget.</li> <li>Ease of use.</li></ul><h2>How It Works</h2><p>The trick is to have a custom header view (<code>QHeaderView</code>) that can be set on a table (<code>QTableWidget</code>) or list (<code>QListWidget</code>). The custom header view tracks the widgets used as headers for each column. The view also handles placing and resizing the widgets to fit within the header.</p><p>Since the widgets are drawn on top of the header, you should <b>not</b> set any title for that column, but instead use a widget that has a label. Since any widget is supported, you can create a container to place an additional label if the widget you want to use does not have one.</p><p>Placing the widget on top works because Qt paints parent-widgets before children. Since the additional widgets are children of the header view, they get painted after the header and thus appear on top of it.</p><p>The API to use the custom header is very simple. You just create an instance of <code>QHeaderViewWithWidgets</code>, add the widgets to the column (called “section” in Qt), and set the header view on your table. In short, it looks like this:</p><pre><code> // Create a combo-box for the header. auto col1_check = new QCheckBox("My checkbox"); // Create the header view with the combo-box for column 1. auto header = new QHeaderViewWithWidgets(Qt::Orientation::Horizontal); header-&gt;addSectionWidget(1, col1_check); // Create the table and set the custom header. auto list = new QTableWidget; list-&gt;setHorizontalHeader(header);</code></pre><h2>The Code</h2><p>The C++ code you need to put widgets in the header of a table is available in <a href="https://github.com/pierrebai/QtAdditions">this public repository on GitHub</a>.</p><p>An example of an application using the custom header view with sub-widgets is available in the same repository, in the <code>examples\ExampleListHeaderWidget</code> folder.</p></div>

<div><p>With the sudden increase in cases of the delta variant, we’re not out of the woods yet. This curveball means we may well have to reconsider the lifting of sanitary restrictions. Companies are compelled to postpone the reopening of their offices, often set for September, to early next year. A few days ago, Apple announced to its employees worldwide that they were not expected to return to the office until January or even later. Other big tech firms such as Amazon and Google followed suit.</p><p>Just as we were seeing the light at the end of the tunnel, several factors lead us to believe that companies may have to push the date out yet again. When teleworking was introduced, executives saw this mass transition as a temporary measure. Eighteen months into it, this short-term solution has become the new normal. With no guarantees as to when we might return to the office under normal conditions, it certainly seems that post-pandemic work life will look nothing like before. Companies are trying to imagine the new environment, with many advocating for hybrid work models.</p><h2>Telework is here to stay</h2><p>Given that talent acquisition and retention is increasingly competitive, especially in the tech industry, companies do well to listen to how employees see themselves working in the future. Many recent studies reveal that not all are after the same thing. According to a Zenefits study (1), 36% of workers want to be in the office every day, 43% want to come in occasionally or as needed, while 23% prefer teleworking full time. What’s more, some employees claim they would resign rather than return to the office. To sum up, there is no single, one-size-fits-all solution for companies in post-pandemic times. In the same way that they adapted by successfully shifting operations, they will have to keep exercising flexibility.</p><p>The inescapable fact is that telework in the service industry is here to stay, even among those companies who were previously reluctant to embrace it. Telework allows them to reduce their real-estate expenses — a major benefit for startups who don’t have to spend precious capital on maintaining a traditional workspace. Working outside of the office has many advantages for employees as well, who cut commute costs, free up personal time, and enjoy a better work/life balance.</p><p>This new work model is a great asset in attracting new talent from a larger pool of candidates, including workers with disabilities or those who don’t live within commuting distance. Results published by Zenefits show that companies who care about retaining employees and are concerned with their quality of life will adapt to a workforce that falls in three camps: those who return to the office as before the pandemic; those who come in occasionally; and those who stay home. This new arrangement presents several challenges, chief of which is upholding the company’s culture.</p><h2>Organizational culture, the glue that holds everything together</h2><p>Though work culture is at the core of a company and many take it to heart, few could actually put it into words. It usually takes the form of an unoriginal bulleted list of generic values, based on ethical principles akin to motherhood and apple pie, and a commitment to greater social and environmental responsibility. Though intangible, corporate culture is in reality much broader as it is founded on organizational planning and practices. It is a group phenomenon that permeates interactions in the workplace and guides decision-making and reaction to change. It is essential to an organization’s sustainability and to the upkeep of a collegial work environment. Yo-Jud Cheng, professor at the Darden School of Business, illustrates this by saying “organizational culture is the glue that holds everything together” (2).</p><p>Some companies have a siloed, opaque, closed-door culture that many would hesitate to join, while others are fun and creative. Some are appealing and promote a sense of belonging, while others turn people off. Whatever the company culture, being proactive maintains and improves it, all the more so because those events that kept it going, such as chats around the watercooler, team outings, or pizza lunches have disappeared.</p><p>Working solo in an improvised home office can cause feelings of isolation and disconnection among employees. Some are used to working in a micromanaged, structured environment and find it difficult to work independently, while others have a hard time exercising enough discipline to get down to work when they are alone. Teleworking is not for everyone. Employees who struggle most will opt to get back in the office, whereas others are quite happy with this work style. They blossom and appreciate the benefits such as hours and hours of time saved now that they no longer have to commute.</p><p>The challenge lies in merging all of this, in finding systems that won’t leave anyone behind but will unite everyone in feeling like they’re working for the same company. How do we maintain and bolster cultural practices among employees spread to the wind? One thing seems certain: we will have to double down on our efforts when the pandemic is over.</p><h2>Maintaining and enhancing culture in the new paradigm</h2><p><b>Spell it out.</b> Never pass up an opportunity to communicate your vision statement, your narrative and your commitments, and everything else at the core of your business that forged your culture and the way your work is done. Clearly define the expected behaviours and standards. Do it systematically with each new hire. Who are we, where did we come from, where are we headed and how will we get there? State and restate your mission. Emphasize what you hold as best practices in your corporate culture and bring visibility to positive contributions.</p><p><b>Communicate.</b> A golden rule of internal communications is to not be afraid to repeat yourself. Keep everyone informed. Communicate, communicate again, then communicate some more. Good communication is regular, transparent, consistent and open to discussion. If the old methods no longer work, find new ways to get the message across. Managers’ communications should aim to be clear and to give employees a sense of physical presence. Remote workers should receive the right amount of information and understand it. With employees scattered about, these principles are that much more critical in order to gather everyone around an organizational culture. Regular, well-formulated communication is as essential with remote workers as it is with those a few meters away.</p><p><b>Stay vigilant.</b> In the MIT Sloan Management Review, professor Jennifer Howard-Grenville rightly states that “perhaps as important is calling out affronts to culture. When managers don’t visibly censure practices that depart from the desired culture, the boundaries of culture are not well defined” (3). The CEO’s vision embodies the company’s culture, and safeguarding it should be everyone’s business, not just the responsibility of Management or the HR department.</p><p><b>Culture is not carved in stone.</b> Businesses are in constant motion as external circumstances and the company’s own growth present new challenges. Its employees, who are its cells, are always renewed. Think back to your own company a few years ago: it is no longer the same today. It will have changed, especially in the wake of success. Though some ethical principles are immutable, culture can’t remain stagnant. Cultural traits must adapt to meet changing circumstances and the company’s evolution.</p><p>Sometimes there is no choice but to transform oneself, during this lockdown for example, when many practices that used to contribute to company culture and team spirit came to a halt. It’s a good time for new ideas and creative solutions to come into play. It takes mettle but also tact to question outmoded cultural characteristics to bring about change that sometimes stirs strong feelings.</p><p><b>Reassess your tools.</b> Lockdown may have quick marched you down the path to digitization. Perhaps now is a good time to evaluate the usefulness and effectiveness of your tech tools and see whether they are really suited to your internal and external teams’ new ways of working. Take a look at data security risks related to each new tool. Finally, hybrid– and telework are an opportunity to optimize costs and invest in systems modernization.</p><p>When the organizational culture is aligned with your objectives and colleagues share a passion for your vision, the foundation for your company’s success is in place. It’s never too early to set up a corporate culture that supports your company’s strategy and strengthen it with sound leadership and communications.</p><p>—</p><p>(1) <a href="https://www.zenefits.com/workest/">www.zenefits.com/workest/</a></p><p>(2) <a href="https://ideas.darden.virginia.edu/global-workplace-cohesive-culture">ideas.darden.virginia.edu/global-workplace-cohesive-culture</a></p><p>(3) <a href="https://sloanreview.mit.edu/article/how-to-sustain-your-organizations-culture-when-everyone-is-remote/">sloanreview.mit.edu/article/how-to-sustain-your-organizations-culture-when-everyone-is-remote/</a></p></div>