On tech debt, threat modeling, and the four categories of needs 💡
Monday 3-2-1 — Edition #43
Hey, Luca here! welcome to the Monday 3-2-1 ✨
Every Monday I will send you an email like this with 3 short ideas about engineering management, technical strategy, and good hiring.
You will also receive the regular long-form one on Thursday, like the last one:
To receive all the full articles and support Refactoring, consider subscribing if you haven’t already!
p.s. you can learn more about the benefits of the paid plan here.
🐋 Skiller Whale
Before we dive into this week’s ideas, I am happy to spend a few words to promote a great product I have discovered recently.
Skiller Whale accelerates developer productivity by targeting the skills that matter through live team coaching.
Live team coaching gives developers a deep understanding of the technology they’re using, through hands-on group sessions, with individual feedback from an expert.
Skiller Whale is a key part of our long-term technology strategy and will help us continue pushing our innovation and strengthening our overall product offering.
— Meri Willians, CTO at Pleo & former CTO at Monzo
Skiller Whale is the single most valuable thing we offer to our engineers
— James Ramirez, CTO at Essentia Analytics
1) ✏️ Design sweet spot
Sometimes, tech debt is produced because the team designs a solution that doesn't properly fit business requirements, in a non-obvious way.
Requirements may still be met on the surface, but something is wrong under the hood — an abstraction that doesn't fit, some duplication, or scalability issues.
Most often, these issues do not happen because of poor development skills. They do because developers didn't fully understand what had to be done.
If this happens regularly, a natural response is to invest more in the design phase. This means more engineering analysis, but also more talking with stakeholders to discuss both the here and now, and the future evolution of the project.
Increasing the design effort brings diminishing results after a while, so it's up to you to find the sweet spot, based on your product maturity vs how much change you can expect in the future.
More ideas on how to handle technical debt 👇
2) 🚫 Threat Modeling
A threat model is the description of an application and its environment through security glasses.
So, threat modeling is the family of activities you pursue to identify threats, vulnerabilities, and design countermeasures to prevent or mitigate such threats.
Historically, designing for security has often followed the security sandwich approach: you address security during design, and you test things at the end. This is waterfall-ish, though, and it clashes with reality: specs often change during development, so you end up testing for things that are 1) incomplete, or 2) not relevant anymore.
Good threat modeling should be applied continuously throughout the whole development lifecycle.
You can find more techniques to implement a secure development process in this recent article 👇
3) 🏔️ The Pyramid of Needs
Gallup is one of the oldest US firms studying management and workplace dynamics.
By surveying more than 35 million people, in about 80 years of activity, it came to develop a model of their needs, called The 12 Elements of Engagement.
Such elements belong to four categories: Basic, Individual, Teamwork, and Growth Needs.
These categories form a hierarchy, which is somehow akin to the Maslow's pyramid of needs.
Let's have a look at the categories and the 12 elements.
🚶♂️ Basic Needs
Basic Needs are the baseline for any kind of performance. People can't work properly without having them met.
1 – I know what is expected of me at work
2 – I have the materials and equipment I need to do my work right
🏃♂️ Individual Needs
Needs about yourself and your individual contribution.
3 – I have the opportunity to do what I do best every day
4 – In the last seven days, I have received recognition or praise for doing good work
5 – My supervisor seems to care about me
6 – There is someone who encourages my growth
🤼♀️ Teamwork Needs
As human beings, we want to develop a sense of belonging to a larger group of peers. In this case, it's our team — and our company.
7 – My opinions seem to count
8 – Mission / Purpose of my company makes me feel my job is important
9 – Fellow employees are committed to quality work
10 – I have a best friend at work
🧗♀️ Growth Needs
Finally, people want to reach their full potential, and feel their job makes them grow personally and professionally.
11 – In the last six months, someone at work has discussed my growth with me
12 – In the last year I have had opportunities to learn and grow
I wrote how you can support these needs as a leader in this previous Refactoring article:
And that’s it for today! If you are finding this newsletter valuable, consider doing any of these:
1) ✉️ Subscribe to the newsletter — if you aren’t already, consider becoming a paid subscriber. You can learn more about the benefits of the paid plan here.
2) ❤️ Share it — Refactoring lives thanks to word of mouth. Share the article with your team or with someone to whom it might be useful!
I wish you a great week! ☀️