There is much to be said about security, and certainly the independent developer needs to be just as mindful of potential flaws as the corporate developer in a team environment. This list is for every developer to consider. I was amazed to find a couple of practices in the Top 25 that I have, at one time or another, been guilty of doing.
The list categorizes the top 25 into categories of “Insecure Interaction Between Components“, “Risky Resource Management” and my personal favorite, “Pourous Defenses“. The errors themselves are related to a “CWE”, or Common Weakness Enumeration which is described in detail on the CWE website. For example, one of the Top 25 in the “Pourous Defenses” category is identified as CWE-259 Hard Coded Password. Reviewing the entry regarding the CWE-259 I believe begins to reveal the significance and usefulness of this Top 25 list to ALL developers.
Personally, to be honest, I might not have paid much attention to it had it not been called to my attention by my son who has been involved in the project for months. I hope readers of this blog find the material useful themselves. Oh yes, it is estimated that some 85% of the criminal activity on the internet have resulted from these Top 25 “NOT best practices!” in coding.]]>
These are decidedly difficult times, and it looks like they won’t be going away very soon. If you are a custom application developer what is your next step? What will be your future? How do you sell your services? Will you be able to? …and for how much?
My recommendation regarding your service pricing during this time is “Don’t Discount!”. Yes, potential clients might be looking for bargain basement pricing, but as an independent who offers a valuable service to your clients it is best that you maintain your value. If you are one who quotes hourly rates especially don’t discount! My recommendation is to get away from the hourly pricing and instead make it a practice to set a fixed price for a well defined task. Base that fixed price upon your best estimate, but make it a price that will be attractive to the client — and then get the job done well when its yours.
I’ve found that often a potential new client doesn’t stop to think about the extra expenses that an independent is faced with — and I don’t hesitate to remind them that much of my education which allows me to provide them with my service is the result of many hours and dollars invested in training programs, software and hardware. Every new software release must be tested, software updated, tested again, and new functionality learned — all during non-billable time! When a new operating system is released that too adds to the non-billable time spent in educating self.
It’s easy to forget what it takes to provide quality service to clients, but you owe it to yourself to value your services properly. Did I remember to say “Don’t Discount”?]]>
My find? “The myth of being successfully solo in business” is a brief article that caught my eye and started me thinking about just how dependent an “independent” software developer is. Let me explain a bit without (hopefully) you not reading the linked article.
The article explores what is described as “…the myth of the successful solopreneur…”, and explores also how “…we can’t do it ourselves”. Now, THAT is something I’ve realized over and over again through my years as an independent software developer! However, my memory gets pretty short with certain learning I’ve noticed, and especially when faced with this myth!
The impossibility of doing all the things yourself that are provided for you when you are an employee seems to escape many of us self-employed, and often we think we’re some kind of super human who CAN do it! I’ve personally had one of those reminders recently as the result of my wife’s broken ankle back in mid May. Since the time of her injury, ALL of the household responsibilities AND the income producing responsibilities have been on my shoulders.
Fortunately, I don’t have an office out of the home that I have to go to – but I do have the occasional visit required to my local customers. All of these activities have at times been very much overwhelming — and certainly indicative that I “can’t do it” solo. Through this period I have met with exceptional understanding from my clients and considerable help with meals prepared by friends and shared with us.
While what I refer to above might seem more personal than business related, I call it to your attention in light of the referenced article, and as another indication that being an independent software developer still requires others. Professionally I’m a part of the Northeast Dataflex Consortium, a dedicated group of professional developers who support each other in many ways. Those of us who are independent software developers are also dependent upon our vendors, customers AND indeed all of those around us in some way.]]>