A short return to being an educator
Originally published on LinkedIn on
Throwback Thursday
Sometimes history rhymes, and sometimes it’s just the tune you’re humming. Without paying attention to the calendar, I had a genuine throwback Thursday into the world of education last week. Expectations are bound to be broken in a high-speed work environment, and I learned that myself when I got the opportunity to hold a workshop on security and access management for students at Laurea University of Applied Sciences, a Finnish University. Before we get to the main topic (of course, that is some technical summary, what would you expect from yours truly), let’s have a short recap!
The road to being a presenter
Some years ago, in my previous life in Romania, I was very interested in volunteering, mainly as a technical trainer in coding and design. I have taught around 150 pupils and students, from the ages of 5 to 25, as a member of different organizations, informal events, or whenever I could share something of interest with people around me. Being an educator is quite tricky, but I keep myself to my utmost standards for everyone, with the goal of sparking interest in those few who are willing to either explore cautiously, give your attention enthusiastically, or challenge you respectfully. Even if sometimes you might get a group who feels compelled to be there and waste (their own) time, as the school system has efficiently eradicated the desire to learn, I agreed with all my fellow trainers (what, did you think I was doing this solo?) to give the core freedom to anyone attending to leave at any time. We are here to spark embers 🔥 in young ones, to teach them what skills they might want to have and give them the tools to acquire that practical knowledge (always practice before you preach, and that is especially valid for your demos). I’m teaching equally anyone who wants to listen, but the ones who really do are the ones I’m there for.
A new challenge arises
SSH Communications Security has historically been an essential player in defensive cybersecurity and currently rides in front of the new technologies and standards wave. Various up-and-comping quantum-safe algorithms have already been integrated with our solutions. We have a forward-thinking attitude regarding key management and are pushing ephemeral authentication (called keyless and passwordless in some circles). PrivX is a hybrid Privileged Access Management product which can stand as the core of a modern, zero-trust infrastructure for medium and large-scale organizations. We want to keep the UX up-to-par with the best experience in the wild, so we offer the recent Passkeys/WebAuthn as one of our features. With SSH being both a core player in the past, having developed the original version of the eponymous protocol, and a forward-looking company, the crucial question for a young developer remains - did you know SSH was a company? 😅 I certainly did not a few years ago, even if I have already visited our SSH Academy.
When I started as an intern to the PrivX team in SSH Communications last June, I had not imagined that, in less than a year, I would be back in front of a slide deck (virtually, this time) and sharing some technical knowledge I’ve acquired on the road. I moved from a QA role to a backend engineering one during this period. I was an intern, a trainee and currently, the resident thesis worker for the PrivX team. While when I started last summer, I was ready for a long release-cycle B2B product, I was happily surprised to find this SSH team working in a fast-paced way similar to my preferred startup environment. This has changed one unfounded belief and has shown me that the development cycle for even a mature product can be responsive, and independence can be just as valued.
I like to be proactive, so when I heard I could present the product on a low-stakes stage, I took it to familiarize myself with presenting PrivX in the future. But what initially was just an exploratory session became a teaching opportunity in the world of Privileged Access Management, and such, a good introduction for technical university students into the world of a real software business, public key infrastructure, ephemeral keys and cutting-edge cybersecurity (not your old password rules anymore, right?).
Being almost two years since the last time I presented myself on the third slide, I was pretty nervous about getting back into my flow (and even got signalled for it 😬 by my colleague), but have soon regained the flow I was familiar to and I, surprisingly, haven’t even ranted. Fortunately, I had some active students and even managed to answer a few questions (even though the complete, correct answers would have taken more than the presentation itself). After going through the concepts, I had a small simulated catch-the-flag to catch the attention (see what I did there?) demo where I showed how PAM software can be used by a member of an organization who’s given temporary access to some computing resources.
What’s next?
I have to be honest with you - either nothing or more of the above. I am currently focusing more on the above topics as part of my Master’s thesis in Security and Cloud Computing, being a student at Aalto University. While I can see avenues for the future and would love to put in the effort to teach more people, for now, this is my next personal Great Filter. Fortunately, I am in an environment where I can get over the filter while contributing to the well-functioning of a relatively complex piece of software, so I don’t get drowned in academic references.