From the GitLab Data Team member, a first-face story about how the asynchronous way of working helps us manage the “chaos” (as folks usually think about remote work) in the 24/7 work environment. In this session, I like to demystify transparency and how it can leverage your success. The narrative is related to the Data team in GitLab and can be used for any matter. Will wrap the topics and guide you through: - Why transparency is an organic way to communicate and cooperate, - How to stay secure when you share everything or almost everything with the outer world, - How to leverage your data usage and still stay a good boy of the IT world, - What you should promise to your community
38. Transparency by Default - Security aspect
In alignment with our company value of Transparency,
focus of the security organization is:
to lead the most transparent security organization in
business today
40. Transparency by Default - what not to expose
● Vendor Audit Reports
● Procedures/Runbooks/work instructions containing sensitive or personal data
● Customer questionnaires
● Detailed control test results to include observations and remediation plans
● Gap analysis reports
● Project management documentation containing sensitive or personal data
● Security metrics
● Security KPIs
● Security OKRs
● Unmitigated vulnerabilities
● HackerOne vulnerability submissions post internal triage
● 3rd party penetration test full detail reports
41. Transparency by Default - Community aspect
Even as a public company, we know that our value of
transparency will be key to our success
42. Transparency by Default - Community aspect
By making information public, we can reduce the
threshold to contribution and make collaboration
easier
43. Transparency by Default - Community aspect
● Transparency creates awareness for GitLab
● Allows us to recruit people that care about our values
● Gets us more and faster feedback from people
outside the company
● Makes it easier to collaborate with them
44. Transparency by Default - Community aspect
We believe this cycle creates more value than it captures.
Software
Processes
Documentation
Lessons
Examples
Open
Source
48. Transparency by Default
Community aspect
1. Directness
2. Articulate when you change
your mind
3. Surface issues constructively
4. Transparency is most
valuable if you continue to do
it when there are costs
49. Transparency by Default
Community aspect
1. Directness
2. Articulate when you change
your mind
3. Surface issues constructively
4. Transparency is most
valuable if you continue to do
it when there are costs
5. Single Source of Truth
50. Transparency by Default
Community aspect
1. Directness
2. Articulate when you change
your mind
3. Surface issues constructively
4. Transparency is most
valuable if you continue to do
it when there are costs
5. Single Source of Truth
6. Findability
51. Transparency by Default
Community aspect
1. Directness
2. Articulate when you change
your mind
3. Surface issues constructively
4. Transparency is most
valuable if you continue to do
it when there are costs
5. Single Source of Truth
6. Findability
7. Say why, not just what
52. Transparency by Default
Community aspect
1. Directness
2. Articulate when you change
your mind
3. Surface issues constructively
4. Transparency is most
valuable if you continue to do
it when there are costs
5. Single Source of Truth
6. Findability
7. Say why, not just what
8. Reproducibility
53. Transparency by Default
Community aspect
1. Directness
2. Articulate when you change
your mind
3. Surface issues constructively
4. Transparency is most
valuable if you continue to do
it when there are costs
5. Single Source of Truth
6. Findability
7. Say why, not just what
8. Reproducibility
9. Transparency Competency
58. Single Source of truth - GitLab Handbook
The GitLab team handbook is the central
repository for how we run the company.
59. Single Source of truth
GitLab Handbook
Why it is important
1. As a team scales, the need for
documentation increases in parallel with the
cost of not doing it
60. Single Source of truth
GitLab Handbook
Why it is important
1. As a team scales, the need for
documentation increases in parallel with the
cost of not doing it
2. Ideal time to begin a company handbook is at
inception, the next best time is today.
61. Single Source of truth
GitLab Handbook
Why it is important
1. As a team scales, the need for
documentation increases in parallel with the
cost of not doing it
2. Ideal time to begin a company handbook is at
inception, the next best time is today.
3. At GitLab, only 90 days of Slack activity is
retained. After that, it's gone!
62. Single Source of truth
GitLab Handbook
Why it is important
1. As a team scales, the need for
documentation increases in parallel with the
cost of not doing it
2. Ideal time to begin a company handbook is at
inception, the next best time is today.
3. At GitLab, only 90 days of Slack activity is
retained. After that, it's gone!
4. Handbooks, and the documentation that
creates them, are never finished.
63. Single Source of truth
GitLab Handbook
Why it is important
1. As a team scales, the need for
documentation increases in parallel with the
cost of not doing it
2. Ideal time to begin a company handbook is at
inception, the next best time is today.
3. At GitLab, only 90 days of Slack activity is
retained. After that, it's gone!
4. Handbooks, and the documentation that
creates them, are never finished.
5. A common belief is that a company wiki can
serve as a handbook, but the reality is that
wikis do not scale.
64. Single Source of truth
GitLab Handbook
Why it is important
1. As a team scales, the need for
documentation increases in parallel with the
cost of not doing it
2. Ideal time to begin a company handbook is at
inception, the next best time is today.
3. At GitLab, only 90 days of Slack activity is
retained. After that, it's gone!
4. Handbooks, and the documentation that
creates them, are never finished.
5. A common belief is that a company wiki can
serve as a handbook, but the reality is that
wikis do not scale.
6. Empower the entire team to evolve the
handbook
65. Single Source of truth
GitLab Handbook
Why it is important
1. As a team scales, the need for
documentation increases in parallel with the
cost of not doing it
2. Ideal time to begin a company handbook is at
inception, the next best time is today.
3. At GitLab, only 90 days of Slack activity is
retained. After that, it's gone!
4. Handbooks, and the documentation that
creates them, are never finished.
5. A common belief is that a company wiki can
serve as a handbook, but the reality is that
wikis do not scale.
6. Empower the entire team to evolve the
handbook
7. What goes in a company handbook?
Company / Building Blocks |
Groups/departments | The day-to-day
66. Single Source of truth
GitLab Handbook
Why it is important
1. As a team scales, the need for
documentation increases in parallel with the
cost of not doing it
2. Ideal time to begin a company handbook is at
inception, the next best time is today.
3. At GitLab, only 90 days of Slack activity is
retained. After that, it's gone!
4. Handbooks, and the documentation that
creates them, are never finished.
5. A common belief is that a company wiki can
serve as a handbook, but the reality is that
wikis do not scale.
6. Empower the entire team to evolve the
handbook
7. What goes in a company handbook?
Company / Building Blocks |
Groups/departments | The day-to-day
8. Make it public
68. What you should promise to your community
We will not share any of your details with us or
any 3rd party*
* you can think of some other companies, right?