One cool feature of Kerika is that you can get a 6AM email @ndash; local time, no matter where you are @ndash; that summarizes all the tasks that are overdue for you, due today, and due tomorrow.
And, if you are a Project Leader on any team, your task summary email can also include all the items that are overdue, due today and due tomorrow across the entire team @ndash; even if you are not assigned to those cards. (It’s an easy way for Project Leaders to plan their day.)
Now, these emails got a little smarter: if you move a project to Trash that still has outstanding due dates on cards, these are no longer included in your task summary email.
We learned about the bug just like you did: through news reports early on April 7th. Heartbleed was a “zero-day” bug, and the OpenSSL team put out an updated (patched) version of the OpenSSL protocol the same day, which meant that everyone, everywhere, had to scramble to get their systems patched as quickly as possible.
(And the bad guys, meanwhile, scrambled to grab sensitive information, with the Canadian tax authorities being among the first to report that they had been hacked. Of course, “first to report” isn’t the same as “first to actually get hacked”. Most people who got hacked either never found out, or never said anything…)
Kerika uses OpenSSL too, and our immediate concern was updating the Elastic Load Balancer that we use to manage access to our main Amazon Web Services (AWS) servers: the load balancers are where OpenSSL is installed; not on the Web servers that sit behind the load balancer.
Using Amazon Web Services turned out to be a really smart decision in this respect: Amazon just went ahead and patched all their load balancers one by one, without waiting for their customers to take any action. In fact, they patched our load balancer faster than we expected!
Patching the load balancer provided critical immediate protection, and gave us the time to do a more leisurely security review of all our operations. This was long overdue, it turned out, and so we went into “housecleaning mode” for over a week.
One part of this, of course, was updating all our Ubuntu Linux machines: Canonical Software was also very prompt in releasing a patched version of Ubuntu which we loaded onto all of our development, test, and production services. So, even though the OpenSSL vulnerability had been patched at the load balancer, we also applied patches on all our development, test and production servers even though these couldn’t be directly accessed from the Internet.
Next, we decided to clean up various online services that we weren’t actively using: like many other startups, we frequently try out various libraries and third-party services that look promising. We stick with some; others get abandoned. We had accumulated some API keys for services that we weren’t using any more (e.g. we had a YouTube API key that no one could even remember why we had gotten in the first place!), and we deactivated everything that wasn’t actively been used.
Closing unneeded online accounts helped reduce our “attack surface”, which adds to our overall security.
And, of course, we changed all our passwords, everywhere. All of our email passwords, all of our third-party passwords. All of our online passwords and all of our local desktop passwords. (On a personal level, our staff also took the opportunity to change all their banking and other online passwords, and to close unneeded online accounts, to reduce our personal attack surfaces as well.)
We got new SSL certificates: from Verisign for our production load balancer, and from GoDaddy for our test load balancer. Getting a new SSL certificate from Verisign took much longer than we would have liked; getting one from GoDaddy took just seconds, but on the other hand, Verisign does have a better reputation…
We reviewed our internal security policies and procedures, and found a few places where we could tighten things up. This mostly involved increased use of two-party authentication and — most importantly — further tightening up access to various services and servers within the Kerika team. Access to our production servers is highly restricted even within the Kerika team: we use AWS’s Identity & Access Management service to restrict access using roles and permissions, even within the small subset of people who have any access to the production server.
Finally, we are adding more monitoring, looking out for malicious activity by any user, such as the use of automated scripts. We have seen a couple of isolated examples in the past: not malicious users, but compromised users who had malware on their machines. Fortunately these attempts were foiled thanks to our robust access control mechanisms which manage permissions at the individual object level in Kerika — but, like every other SaaS company, we need to be vigilant on this front.
All of this was good housekeeping. It disrupted our normal product development by over a week as we took an “all hands on deck” approach, but well worth it.
For a major upgrade project at a municipal planning department, a team spread from Washington to Minnesota, used Kerika to successfully manage document reviews, technical questions, issue management, and key tasks. Dennis Brooke has the story on cloudPWR’s blog.
And this is just the beginning: expect much more in terms of a Kerika+Box integration!
For a major upgrade project at a municipal planning department, a team spread from Washington to Minnesota, used Kerika to successfully manage document reviews, technical questions, issue management, and key tasks. Dennis Brooke has the story on cloudPWR’s blog.
And this is just the beginning: expect much more in terms of a Kerika+Box integration!
Kerika is starting to get used in larger organizations more: big global companies, and state and local governments, and as we move into these types of user communities we are finding that people are more likely to create large numbers of projects.
(On average, people create 4-5 projects if they are relatively passive users of Kerika, while more active users — like Project Leaders — might create 30-40 projects over a couple of months.)
To make this smoother, we have been improving the performance of the creation of new projects, as well as the copy-paste function for projects.
It turns out both are closely related, so improving one should help with the other!
One of our oldest features has outlived it’s usefulness…
(No, we didn’t actually shoot this dog. Or any other dog.)
We have something we call the “Render Server”: it’s a separate server from the rest of Kerika, and it’s sole purpose has been to create thumbnail images of Whiteboard projects.
This feature was originally built to make it easier for people who created rich, layered Whiteboards — boards where canvases are contained with other canvases, like the amazing Foundation for Common Good Whiteboard project created by Charles Fraser‘s team (in the UK, and worldwide) which looks something like this:
Foundation for Common Good
This is just a partial view of the top-level of a series of canvases, layered within each other to create a rich, multi-media world.
The Render Server helped people understand that some shapes on a canvas contain other canvases within them: for example, if you hovered your mouse over one of the circles on this canvas, you could see — somewhat dimly — a thumbnail of the canvas that was contained within that page:
Showing layered pages
This feature was also used when you added canvases to cards on Task Boards and Scrum Boards: the card details dialog would show a thumbnail of the canvas, like this
Thumbnail image of a canvas attached to a card
This feature was cool, and made for great demos, but it was ultimately not all that useful in a practical sense.
(And that’s true for a lot of cool ideas: things that make for great demos don’t always provide great utility in regular use.)
The thumbnails were too small to be of much use on Whiteboards, and when shown on card details for Task Boards and Scrum Boards they just took up too much space.
So, it’s buh-bye to the Render Server: a cool idea, whose time seems to have passed.
(No, really: we didn’t shoot the dog! We promise!)
Our next update to the Kerika software, scheduled for release this weeekend, will have a bunch of minor styling updates — over a hundred styling changes, in fact.
Most of these are fairly subtle; it’s quite likely you will not notice over 90% of them at all, because this new release is really a UI cleanup effort rather than a big feature release.
Over the past couple of years Kerika had acquired some “UI crud”: little inconsistencies in the fonts, colors, and interactions that had build up over time as you release new features, and we have been releasing new functionality every 4-6 weeks for over 3 years now. It’s like barnacles on an otherwise beautiful wooden boat…
(Not us, but somebody else, polishing somebody else’s boat.)
For example, we found there were minor variations in shades of grey throughout the app: a light-grey shading in one place was off by an octect or two from a light-grey shading in another place. A tooltip was missing from one button here or there, or a tooltip wasn’t phrased as well as it could have been.
Taken individually, these are very trivial indeed — and, unless you examine the entire UI with a magnifying digital color meter, like we did, you wouldn’t have found these tiny inconsistencies, but they can have a cumulative effect that makes the UI seem vaguely fuzzy. (Just like barnacles, if left un-scrapped, can slow down even the most beautiful boat.)
The most visible change we made is the card details display: what you see when you open up a card on a Task Board or Scrum Board
New Card Details dialog
This display is cleaner than what we used to have: it has a more consistent appearance with the rest of the Kerika user interface, and gives equal prominence to all the user interface elements within this dialog — because all of these elements are, in face, equally important to users. Our previous design gave undue prominence to Details, Attachments and Chat, which reflected nothing more than the historical evolution of the Kerika software; now, everything about a card is equally accessible.
The layout is also a lot cleaner: unnecessary decoration has been eliminated, and the overall style is more “flat” (i.e. in keeping with Microsoft’s Metro/Modern design styling, which even Apple has now adopted for iOS 7).
Since Kerika is built on top of Google Docs and Google Drive, any problems with Google Apps can affect Kerika.
This doesn’t happen very often, but today Google Apps did suffer an outages, and a total of 14 Kerika users were affected. (We have written to each person affected to apologize!)
This dashboard is a handy way to keep track of the health of Google Apps.
We are often asked to advise our users on workflow: it isn’t a primary business of ours – we prefer to build partnerships with process consultants who can provide great services – but the insights we garner from these brief, often unofficial engagements do heavily influence our product design and roadmap planning.
Recently, we have been helping a large industrial company rethink it how it processes requests that come into its various engineering teams, and as a result reorganize its workflow so that there is optimal flow of work across its various design and engineering teams.
Background:
The company is based in North America, and operates on a 24×7 basis all year around, which isn’t unusual in industries that need continual production in order to fully utilize their very expensive equipment. As a result, their “distributed team challenge” was a little unusual: the teams weren’t distributed by location, but by time.
Every aspect of the companies design and engineering functions – which involved highly specialized teams – needed to be replicated in a day shift and a night shift so that work could be handed off continuously throughout the 24-hour cycle. And, that extended to weekends as well: some folks got a “regular weekend” (i.e. Saturday and Sunday off), while others got “staggered weekends” (e.g. Monday and Tuesday off).
Challenges:
In many respects, these teams had collaboration challenges that match those of a US-India distributed team, e.g. a team based on the US West Coast trying to collaborate with a team based in India, and having to deal with a 12.5-13.5 timezone difference (the variation comes from Daylight Savings Time, which isn’t observed in India.)
This 24×7 challenge was relatively straightforward: we have a lot of experience with helping US-India distributed teams work efficiently – based on our own experience, of course.
A different challenge had to do with streamlining the work of the multiple design and engineering teams involved: work requests were coming in from all directions, some through official channels like project planning meetings, and others through unofficial channels like hallway conversations, and in the absence of a clearly defined process to triage new requests, the various teams were feeling randomized.
All these requests were coming in, unfiltered and without any prior review, into a combined backlog that was being used by multiple teams, each of which would normally work independently, often in parallel with each other, and sometimes sequentially (serially) with each other.
Solution:
The solution we proposed was to create another Kerika board that sat upstream of the main engineering board.
This board was used to capture ideas and triage them, and ensure that only complete, appropriate requests made it to the main board’s backlog. This upstream board also helped divert single-team requests to other boards that were created for handling work items that were not cross-team or cross-functional.
The entire process was captured as a Kerika Whiteboard, as illustrated below:
Workflow for a multi-team industrial company
Let’s take a look at this entire flow, piece by-piece:
At the top, we have requests coming in: formal requests initiated at project planning requests, and informal requests that originated in stray emails, unexpected hallway conversations, etc. All of these are captured as cards on a Planning Board organized with these columns:
New items :: Under Review :: Accepted by Business :: Accepted by Project :: Needs Rework :: Rejected
We recommended that a single person be designated as Business Owner, and tasked with doing the initial Business Triage of new cards:
Initial Business Triage
The scope of Initial Business Triage is fairly limited: the Business Owner was asked to examine each new card, on a daily basis, and determine whether it qualified as Accepted by Business, Needs Rework, or Rejected.
Enough new ideas came into the organization that a daily review was recommended, and, importantly, the Business Owner was asked to move cards from New Items to Under Review so that people visiting the board at any time (of the day or night!) could see that their requests were in fact being worked on.
And, equally importantly, people could see the overall volume of requests coming into the organization, and adjust their expectations accordingly as to how promptly their own requests might be processed.
To further emphasize transparency and build support for the engineering teams, we recommended that the Planning Board include as many stakeholders as possible, added to the board as Visitors.
As noted above, the goal was to determine whether a card could be Accepted by Business or not, and for this the card needed:
A sufficiently complete description for the work to be handed off to the engineering teams;
To be within the plant’s overall scope and mission (as with most industrial companies, there were several large plants, each with a distinct mission);
Have budget clearance.
This arrangement helped us achieve two important goals
Encourage the promiscuous sharing of ideas, while simultaneously
Ensuring new ideas met a minimum standard of completenessand relevance.
If an idea was within the organization’s scope/mission, but lacked sufficient detail or the appropriate budget approval, it was marked as Needs Rework. And if an idea was clearly outside scope, or had no chance of being funded, it was Rejected.
Another key consideration was to discourage people from setting Due Dates on cards early in the process: delaying the setting of deadlines, until the work reached the teams that would actually commit to delivery, helped preserve flexibility in scheduling and allocating resources.
Once the Business Owner did her initial triage of new work, cards were picked up by the designated Project Manager:
Initial PM Triage
The Project Manager worked off the same Planning Board as the Business Owner; she picked up cards that were Accepted for Business. Her goal was to determine the likely impact of each work item, and, critically, to channel the work to either one of the single-team boards, or to the Joint Production board:
Channeling work to the appropriate boards
The Project Manager’s review focused not on business utility (since that was handled earlier by the Business Owner), but rather on identifying whether the work request was likely to affect a single team, or multiple teams.
If the work was likely to affect only a single team, the card was moved to that team’s Kerika board using a simple Cut-Paste operation.
If the work was likely to affect multiple teams, it was moved to the Joint Production Board, which was organized with these columns:
Backlog :: In Progress :: This Week :: Today :: Commission
Tags were used to identify the team involved; since the Joint Production Board typically had hundreds of cards at any point in time, and dozens of team members, this was essential for quick reviews by individual Team Members who wanted to filter out their team’s work items.
As team members became available, they looked first to the Today column to see if anything was marked as Ready to Pull.
If there was nothing in the Today column that was appropriate for the individual person’s skill sets, the person then looked to the This Week column for items that were Ready to Pull.
As an item was taken up by an individual Team Member, she would put her face on the card, to signal to the rest of the team that she had taken ownership of the work.
As work got done, the work product (design documents, engineering plans, etc.) were attached to the cards.
As questions arose, or handoffs were made between team members or entire teams, Kerika’s integrated chat was used to communicate on the cards themselves. (And this is where the 24×7 operation really started to hum!)
Where appropriate Due Dates were set. We had noted earlier that we discouraged people from setting Due Dates at the time they requested new work, to preserve flexibility for the production teams; at this stage it was now appropriate for the teams to make date commitments.
Since all the work that reached the Joint Production Board involved multiple teams (by definition), the card details were updated to reflect the interim deadlines, e.g. the deadline for the Design Team to hand-off something to the Electrical Engineering team.
Once work was completed on a card, it was moved to the Commission column where the final deployment was handled. After that, the card would be moved to Done, and periodically (once a week) the Done column was swept off to another ProjectArchive board.
Occasionally, work would be shunted off to Reserve Backlog: this contained ideas and requests that were plausible or desirable in general terms, but had no realistic chance of being implemented in the short-term.
Workflow for a multi-team industrial company
Key Lessons Learned
Some aspects of this workflow design should be of interest to teams in other industries and sectors:
The use of a Planning Board to act as a way station for ideas and work requests, so that the main boards of the individual teams, as well as the Joint Production Board were not disrupted.
The way station helped ensure that only complete work requests went on to the engineering boards.
The way station encouraged people to contribute ideas and improve them before they were sent to engineering.
Encouraging people to contribute ideas, by making the Planning Board open to a wide group of people who were given Team Member rights (i.e. the ability to add and modify cards).
Separating the roles of Business Owner and Project Manager, so that the business evaluation was distinct from the implementation evaluation.
Separation of individual team boards from the joint production board, so that single-team requests could get processed faster than they would have, if everything had gone through a single pipeline, on a single joint production board.
The user of a Reserve Backlog, to hold on to ideas that the teams might wish to revisit in the future.
What do you think?
We would love to hear your thoughts on this case study!
Global, distributed, agile: words that describe Kerika, and WIKISPEED.
WIKISPEED is a volunteer based green automotive-prototyping company that’s distributed around the world and coming together on a Kerika board to design and build safe, low-cost, ultra-efficient, road-legal vehicles.
We first visited WIKISPEED in the summer of 2012, as part of our research into the needs of distributed, agile teams.
We found huge walls covered with sticky notes:
Dedicated volunteers….
And the irrepressible Mr. Joe Justice himself:
Today, WIKISPEED uses Kerika’s Scrum Boards to organize itself (you can see them at kerika.com/wikispeed):
This transformation has helped knit together folks from around the world: the Kerika boards are now used by WIKISPEED volunteers in the United States, Canada, Europe and New Zealand to communicate and collaborate. A great example of how Kerika can help bring together a globally distributed agile team!
(And, by the way, Kerika was a proud sponsor of the WIKISPEED car that was built for the Future of Flight Aviation Center in Everett, Washington ;-))
