Speaker at Critical Communications World 2018 in Berlin – Criteria for Mission-Critical Applications

January 5, 2019

 

critical-communications-world-panel-starting-tuukka-merilainen

Critical Communications World 2018 was held in Berlin. The event gathered cyber and physical security experts together and offered several stages for different speakers, including many world top critical communications professionals. My current employer Deltagon Group participated in the event in co-operation with the Finnish security cluster Critical Communications Finland.

I was truly honored to be one of the panelists discussing a very interesting topic: “Criteria for Mission-Critical Applications”. The panel was hosted by Airbus Marketing Director Tapio Makinen. Other panelist were: Jyrki Rantonen – Insta Defsec Oy, Jani Lehtinen – Secapp of Magister Solutions, Esa Suutari – Sunit and Marko Saukkola – Jolla.

During the discussions Tapio asked what kind of products the panelists’ organizations are developing and where the vision for the product came from in the first place. He was very curious about what the criteria of mission-critical applications were and what the most important things customers were demanding was.

Quite soon the discussion led to the topic of what the best practices to handle research and development of mission-critical applications were.

At the end of the panel a couple of audience questions were asked. One interesting question was “How can customers ensure that proprietary (or closed-source) software does not contain backdoors or that the overall security is at a high level?”. The question was something that I have been thinking about a lot, so I was eager to answer it and had an extensive answer ready. A separate blog post could be dedicated for this altogether, but in a nutshell here are the most important points:

  • First of all, to fulfill the criteria of mission-critical applications internal development process and infra has to be solid and well documented (not to forget skilled developers).
  • Internal quality and assurance process has to have many steps and code changes must be approved by different isolated departments/stakeholders.
  • Third party audits must be in place and regularly organized (of course the third party must be well known a trusted)
  • If the application is used by the public sector it is highly recommended that National Security Authority does the regular checks as well.
  • Finally, customers can do black-box security testing by themselves or hire security experts to do it.

Developing the Travel Blog – traveljael.com

January 1, 2019

A couple of months ago I got an inquiry for a freelance project to develop a travel blog for my existing client Jael. Last year I developed a personal portfolio jaelmaxine.com for her. Now she wanted to build up a new site which would focus on travel blogging. The site would be launched as traveljael.com.

Together we decided that the site should be based on WordPress. Key features/requirements for the sites were:

  • Fancy and modern layout which gives the reader a feeling of wanting to travel
  • Mobile usability priority 1
  • Smooth and flexible connection with traveljael’s instagram
  • Super easy content management features

API design and development

September 30, 2018

API developer featured image

As a developer in Deltagon I designed and developed couple of different REST APIs. All those cases were slightly different but shared one thing. I had to gather information about a problem we were actually trying to solve. I did it by asking the question “What is our problem or what kind of pains you have” from different stakeholders. I was a project manager in problem defining part. I planned, organized and leaded design sessions with our top of the line partners and clients. Real work started after the actual problem was defined. I designed also the technical part and started coding the APIs. With SCIM API I also had to ask help from other developers and we worked as a team when implementing the API.

List of the REST APIs which I have designed and developed that are now in production use:

  • SCIM (RFC 7644) API to manage provisioning via API for one of the Deltagon’s product
  • External API which let to fetch some basic data about products
  • Billing API which makes it possible to monitor billing related informationt from all Deltagon’s customers

APIs were built with Perl and MariaDB.

Personal portfolio website jaelmaxine.com

October 27, 2017

The client wanted to get a beautiful and elegant portfolio style website for personal marketing purposes. In the beginning of the project we did research of existing WordPress themes and chose the one which was close enough to desired result. The client wanted to be part of the development process and she drawed the basic layout of the site on paper. My job was to implement that layout with WordPress.

Finally when the layout was ready the customer provided contents and I added them on the site. We worked closely together during the whole process. The result is great thanks to seamless cooperation.

My main responsibilities as a developer were:

  • Handle hosting subscription for the website
  • Install and configure WordPress
  • Implement the website with WordPress according to the clients wishes
  • Edit images fit the website style
  • Add content provided by the client on to the website

Developing digital signature platform secSigned

September 14, 2017

Two years ago I started working as a full-time Software Engineer in finnish Cyber security company Deltagon. After couple of months our CEO pointed that we should develope solutions for digital signatures. I was very excited about the task and we started working with it immediately. I had lucky that I have just started workin in Deltagon when the company decide that new product should be done.

Today is 14.9.2017 and I am very proud of what we have made. We released digital signature solution called secSigned 29.9.2017. I was one of the key developers during the whole process from start to this point. I was also honored to be the one who introduced the solution for our key partners/customers.

secSigned makes it possible to easily get signatures for any type of documents. It is possible to sign documents by hand using touchscreen or with strong electronic authentication for example bank identifiers. The solution brings three different interfaces for starting the process: email API, responsive web interface and XML API. After the process has been started signers will get email invitations to sign the documents. The signing happens via tls capable web browser in responsive user interface which makes it easy to use with any type of device.

My main responsibilities as a developer were:

  • design and code frontend and backend for the webinterface
  • build statistics for admins
  • design and code various small features

If you like to read more about secSigned please go to read these post from Deltagon’s blog:
https://www.deltagon.com/blog/deltagon-launches-new-product-digital-signature-for-quick-electronic-services
https://www.deltagon.com/blog/quick-and-easy-esignature-with-deltagon-secsigned-solution

pxs.fi e-commerce site

March 29, 2017

I was asked to do a clean and modern e-commerce site. Main goal was to keep things simple and let the products step up. I was responsible for the technical implementation and design of the site.

Site stands for:

  • Clean modern design
  • WordPress + WooCommerce
  • Klarna
  • Custom design based on existing theme
  • 100% responsive

xcx.fi corporation site

November 22, 2016

AD-Productions Oy decided to move forward and they established new XCX-Productions Oy.  I was assigned to help with the company’s re-branding and especially take care of new websites.

New site stands for:

  • Simple modern corporation site
  • WordPress
  • Custom design based on existing theme
  • Single page
  • 100% responsive

 

Hullutyyli.fi e-commerce site

September 29, 2016

In this project I was responsible for the technical implementation.

The site stands for “Simple but stylish”.  Hullutyyli is clothing brand which is selling high quality urban clothes.

  • Simple but stylish e-commerce site
  • WordPress + WooCommerce
  • Klarna
  • Custom design based on existing theme
  • 100% responsive

Vastuu.fi association website

September 29, 2016

In this project I was responsible for the technical implementation.

Finnish Association vastuu.fi wanted to renew their websites to 2010’s. The main purpose was to make information readily available.

  • Clean and simple
  • WordPress
  • Contact form
  • Blogging
  • Custom design based on existing theme
  • 100% responsive

Espressoservices.fi

September 29, 2016

In this project I was responsible for the technical implementation.

Espresso Services (ESE), is an importer, reseller and technical service supplier of high quality espresso related products. Site stands for modern and clean style.

  • Clean and simple
  • WordPress
  • Custom theme
  • 100% responsive

Faktoi.fi e-commerce site

September 29, 2016

In this project I was responsible for the technical implementation.

Site was built to keep customers wish “Super simple and clean e-commerce site” on mind. The site is part of  the Finnish Tasoi record company Tasoi records. The company is headed by well-known Finnish rapper Mikael Gabriel.

  • Super simple and clean e-commerce site
  • WordPress + WooCommerce
  • Klarna & PayPal integration
  • Custom design based on existing theme
  • 100% responsive