Welcome to the latest edition of the Mitrais Newsletter in 2021.
While Covid-19 continues to cause issues and concerns across the world, particularly in Asia Pacific, it is comforting to know that there is now a defined path out of the pandemic for most regions. As the world starts to open back up post-vaccine, there is an ever-increasing opportunity to reinvent and reimagine the way we do business in the post-pandemic world.
We are pleased to see these positive changes in the business of our partners, and hope this change continues across the Asia Pacific region. In this edition of the Mitrais Newsletter, we are shining a spotlight on our clients, our team and on secure software development. We hope that you find our selection of articles interesting and informative.
Read about our clients IOOF, a large financial institution in Australia, enable scalability and the ability to deliver on major software development projects through their partnership with Mitrais. Mitrais has been involved in the development of IOOF’s new generation platform technology called ‘Evolve’, and we are proud to be part of their success.
With an increased expectation on new features and more frequent releases, Agile has become the method of choice for developers wanting to deliver for their customers. But how do you ensure the absolute best of security when delivering new releases at an ever-increasing rate? In our article on Developing Secure Software, we discuss the key considerations for those developing software using agile methodology, and how key considerations like Learning and Education, Quality Assurance and Certification can help ensure that your software is secure.
Finally, we would like to highlight Abubakar ‘Abu’ Siddiq, our Senior Management of Talent Acquisition and Development here in our Bali Head Office. From humble beginnings to miraculous opportunities, Abu’s story is quite remarkable and truly illustrates that passion is the best place to start with anything. His personal motto of “the more you give, the more you get” truly applies to anyone with a role in talent acquisition, and Mitrais is so proud to have Abu as part of our team and a member of our family.
Enjoy this edition of the Mitrais newsletter.
Delivering True Workforce Scale – IOOF
Enabling scalability is a key benefit delivered by working with Mitrais and has enabled IOOF to deliver on major software development projects that make a significant difference to their customers.
IOOF has been helping Australians achieve financial independence for over 170 years by offering quality financial advice, products and services to around 1 million customers across the country. Through the purchase of a number of competitors within the financial advice and services industry, IOOF is set to become Australia’s largest and leading wealth company, offering them the opportunity to increase financial literacy and financial wellbeing for their customers across the board.
Mitrais is involved in the development of IOOF’s new generation platform technology called Evolve. ‘Project Evolve’ will see IOOF’s existing platforms simplified and consolidated, and advisor’s heritage products migrated to the Evolve platform in 2021.
As Damien O’Donnell, the General Manager of Platform Technology & Architecture at IOOF Holdings Ltd states, “We decided we needed another way of scaling our IT workforce. We evaluated 5 nearshore providers and selected Mitrais based on a number of factors e.g., cultural fit, size & scale, IT skills and ability to grow skill sets”.
Mitrais and IOOF have worked together to establish a strong working relationship, as Mitrais offers IOOF the ability to work with a dedicated software development team that fosters a complimentary culture to their own, offers the size and scalability required for projects like Evolve and a wider range of skillsets available to work on projects that may require them. “I consider the Mitrais relationship to be growing in importance” says Damien. “We currently have the highest number of Mitrais staff working on our account we have ever done.”
IOOF has been able to extend their in-house development team and add to their existing IT skill base with the experienced and dedicated team of remote software developers available through Mitrais. According to Damien, “Mitrais has delivered IOOF true workforce scale within the Evolve 21 program of work”. Our dedicated software development team has allowed for greater capacity and spread across the development of the Evolve Platform, affording IOOF a strong position for new developments and future growth.
By offering a remote, flexible development team, Mitrais can deliver on a few of the core tenants of the IOOF business purpose – namely, “Understand Me, Look After Me and Secure My Future”. These are the core principles that IOOF deliver to both their advisers and their customers, and we are proud to be able to deliver those same benefits to IOOF themselves.
Balancing Agile with Serious Security – Developing Secure Software
Security in software development can no longer be a “nice to have” or an afterthought. Security must be front of mind whenever we are producing software solutions, whether that be in PWA, Desktop software solutions or mobile apps. We know that there is a rise in ransomware and cyber-attacks, and we often hear about data leaks, even from organisations that hold the most sensitive of data.
Developing secure software takes a laser focus from the outset of any project, as well as a massive effort on behalf of all contributors to ensure that security is embedded in every single part of a software development project.
How Agile Development Impacts on Security
With the increased expectation on new features and more frequent releases, Agile has become the method of choice for developers wanting to deliver for their customers. The challenge comes in maintaining high security standards alongside the rapid pace of development. With new releases going out more regularly, and the expectation on the business being that this will continue indefinitely, security can become an afterthought to functionality and stability of the new release. Security measures need to be adapted to the agile process, rather than hindering the development progress. Integrating specific security guidance and tools for teams at all stages of development, from requirements capture to testing, is key to providing a secure software solution that meets the business needs for releases.
Learning and Education
Developers must show a willingness to adapt to the realities of modern software security. Providing proper training for your development team is a great way to encourage and expand their skills. Regular activities where developers can analyse a project from the perspective of a hacker and literally try to break in to the software provides practical hands-on experience for your team with the flaws in the software, and is more likely to ensure they don’t make the same mistakes again. By continuing to highlight the importance of secure software development through regular activities, you ensure that it remains front of mind for all developers.
Quality Assurance (QA)
QA is no longer relegated only to the QA Team. All code in a software solution should be reviewed by your developers, with a focus on overall security, before turning the project over to QA. Daily unit testing and peer review helps to mitigate the ‘tunnel vision’ often experienced by developers and ensures that minor errors can be caught early and save your software from attack. A check for convoluted code will also help, as the simpler the design, the easier it is to make it secure. The more complex the project, the more holes you may create that need to be fixed. A dedication to security as part of the QA process ensures strong checks and balances for organisations that fall into the existing regular cadence of operation.
Security isn’t only about what you say, but about how you prove it. Certification such as ISO27001:2013 is a peak security certification offered in the software industry and demonstrate a commitment to all aspects of security within your organisation.
ISO stands for the International Organisation for Standardization and has been a major global player in ensuring quality and safety in both products and services in international trade. ISO27001:2013 is the standard for “Information technology, security techniques and information security management systems”, and it ensures that any certified organisation developing software has a framework of policies and procedures that control information risk management.
ISO27001:2013 Certification is often a mandatory requirement in any bid or tender for the implementation of or build of a new software solution, driven by the IT team, CIO or Risk Officer in larger organisations.
Mitrais’ IT Operation is ISO27001:2013 compliant and certified, meaning that we can offer our partners the confidence that we take a systematic approach to managing risk, and have documented processes to cater for any eventuality, including data breaches and security scares. ISO27001:2013 Certification ensures that you have peace of mind, and that security is front of mind in the organisation.
Security simply cannot be an afterthought for software developers. It must be a multi-level approach across the organisation to ensure that you are developing secure software that meets the demands of your business operations, without compromising the data of your customers. Hacking and cybercrime is not going to suddenly stop, and so the responsibility falls on organizations to ensure that their software is secure, and security is embedded in every part of the software.
If you agree that security in software development is not simply an afterthought or “nice to have” and want to ensure that your software is developed with security ingrained, speak to our team at Mitrais. Our software engineering team will help you in achieving your objectives, in line with the implementation of the best Agile practices. We would love to hear from you.
Abubakar (Abu) Siddiq – A Passion for IT in Unlikely Places
In this edition’s Featured Employee, we want to highlight the story of Abubakar Siddiq.
With a passion for reading that has truly shaped his career (and become digital over time!), and a love of caring for his cats, Abu has a true love of software which directly informs and empowers his role as Senior Management of Talent Acquisition and Development at Mitrais.
Born in Jakarta in 1971, Abu was born into a very middle-class family, his father was a civil servant in the Ministry of Public Works (now the Kementerian PUPR) and his mother was a homemaker. Despite being diagnosed with ADHD and learning difficulties earlier in his life, once Abu was able to read, he was completely unstoppable, as he powered through 32 volumes of Encyclopaedia Britannica, despite his limited understanding of English at that time. Since then, he reads daily and just about everything, and is even a member of The British Council Library.
It is this passion for reading that brought Abu to working in IT. In 1984 he began reading books on IT, particularly ones on Ashton-Tate Corporation (a US Based software company best known for developing the popular dBASE database application) as he continued to consume any books, he could get his hands on. It is from here that Abu fell in love with IT and software. Abu’s uncle, who worked for the Consulate General of the Republic of Indonesia in New York, bought him books on IT + an Apple Macintosh, and from there it was a logical step into programming. While Abu wasn’t quite yet aware of what programming was, he began replicating the concepts he found in books, which led to him getting some true understanding of programming and eventually getting freelance jobs to make ends meet.
It was years of programming and software design later that Abu went to university, despite Indonesia not having any kind of reputable IT degree at that time! Despite his lazy student attitude, he chose to study management, continuing on-and-off part-time jobs in programming. While waiting for Friday prayers, while once again reading a programming book, a man approached him and began a conversation on database programming. Long story short, this man owned a company nearby and gave Abu his first career opportunity in IT. From ‘the IT guy’ to ‘the IT consultant’ to ‘the IT project manager’ to a strategic management consultant and lecturer at Binus International and finally (for now!) Senior Management of Talent Acquisition and Development at Mitrais, Abu has grown and developed his career from meagre beginnings with plenty of hard work and an ongoing underlying passion for software and IT.
Having built many HR information systems in his previous career, Abu discovered a passion for developing talent in others, making the role of Senior Management of Talent Acquisition and Development an ideal fit for his skills and passions. Having learnt to communicate with anyone through a student exchange program in Germany in 1988, Abu prides himself on his ability to work well and communicate clearly with the many personalities and nationalities across the Mitrais business. His personal motto of “the more you give, the more you get” truly applies to anyone with a role in talent acquisition, and Mitrais is so proud to have Abu as part of our team and a member of our family.