Technology

Three years at Qobo

Today is my third birthday as the Qobo CTO. Here are the summary posts for the first and second years, if you are interested.

I haven’t had a boring year at Qobo yet. And this last one was the most eventful and interesting, both business and technology wise. Let’s have a quick look at the business side of things first.

Since last August, here are some of the things that happened:

In October 2016 we opened the Limassol office. It’s mostly used by developers and for developers. But we had a few client meetings in there too. If things go as fast an good as they are going, we’ll need to either expand it soon, or move to the new premises.
In December 2016 we closed the deal with our first angel investors. That was quite a lengthy and tedious process, during which we spoke to a lot of organizations and individuals, went through a variety of checks and audits, and figured out answers to many questions that we’ve never asked ourselves. As a result, we found partners who not only brought the money in for the company growth, but a wide range of business expertise. Personally, I’ve learned a lot during and after this process, and hopefully will boost my understanding of the business world.
In March 2017 we received the confirmation that our application for the Research and Development grant from the Cyprus government and European Union was approved. This process also took quite a bit of effort and time and is far from over. This money will help Qobo to grow even further and once the tender is complete we’ll have quit a thing to show for it. That’s about as much as I can say now.
In May 2017 we opened the London office. This one is mostly for our sales force and the expansion of business into the UK market.
Over the course of the whole year, we have grown our team quite a bit as well. We are now about 15 people, but it’s not the quantity that matters, but eh quality. We manage to bring in some people that I worked with in many previous jobs (Easy Forex, FXCC, Tototheo Group, FxPro, and even as far back as PrimeTel). And by the looks of it, the team will continue to grow.
And much like in previous years, we have signed more clients, did more projects, and delivered more solutions, both locally, here in Cyprus and abroad (primarily United Kingdom).

Now let’s have a look at technology a bit more. Last year I mentioned Qobrix, but I could give you any more details. Today, Qobrix is a real thing. It’s our own platform for building business applications rapidly. We developed it to a very usable state, and built quite a few applications with it, anything from custom processes, Intranets, and all the way up to the CRMs. The platform is being actively developed and is maturing every day. We have also started building a new website that provides plenty of information for it.

Big chunks of our development effort are being released as Open Source software – have a look at our ever-growing GitHub profile. We have also contributed to a number of Open Source projects in both CakePHP and WordPress ecosystems.

We are also getting much better at this whole cloud computing thing. Our knowledge of Amazon Web Services (AWS) is growing and improving. We have more servers now, use more services, and planning to expand even further.

Overall, as you can see, this was quite an intensive year, and it doesn’t look like things are slowing down. Quite the opposite. After three years at Qobo, I have to say that this is hands down the best job I ever had (and I had some pretty amazing jobs in the last couple of decades). I’m learning a lot every single day. I see the impact of my effort on the company as a whole, on the team, and on our clients. And I am still humbled by the expertise and virtues of people around me.

I’d like to thank everybody around me for all the wisdom, tips, hard work, and joyful moments during the last year. I’ll be raising my glass tonight for many more years like this one. Cheers!

EU GDPR Helpful Resources

As a follow up to my earlier post about EU General Data Protection Regulation, here are a few helpful resources:

Getting to the GDPR: Four key use cases to jumpstart your efforts, from IBM.
Preparing for the General Data Protection Regulation (GDPR), from UK’s Information Commissioner’s Office.
Data protection self assessment toolkit, also from the UK’s ICO.

Using php-fpm as a simple built-in async queue

Here’s an interesting solution for a poor man’s asynchronous queue using PHP-FPM:

PHP-FPM already acts as a queue for Nginx/Apache FastCGI clients. While your web-request is running you can just send another FastCGI request to the same PHP-FPM socket asynchronously and non-blocking. This request is immediately executed in another php-fpm process in parallel and you could wait for it to complete or just fire and forget.

Given the experimental nature of this approach, you probably won’t be running this in production. And with many developers switching to the built-in PHP web server for the local development, this doesn’t work for those environments other.

But it makes me think what else can be used as a queuing mechanism. After all, there are plenty of systems that rely on this already – email servers, printer spoolers, web and proxy servers, and probably more.

Scheduled pipelines now available in Bitbucket Pipelines

BitBucket blog announces the support for scheduled Bitbucket Pipelines. This is super cool and has been on the wishlist for a while now. Here are a few examples of how this feature is useful:

Nightly builds that take longer to run

Daily or weekly deployments to a test environment

Data validation and backups

Load tests and tracking performance over time

Jobs and tasks that aren’t coupled to code changes

EU General Data Protection Regulation (GDPR)

Here are a few things to get you started with European Union General Data Protection Regulation (GDPR). First is a little introduction:

After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. It will enter in force 20 days after its publication in the EU Official Journal and will be directly application in all members states two years after this date. Enforcement date: 25 May 2018 – at which time those organizations in non-compliance will face heavy fines.

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

And now a few key points from the Frequently Asked Questions page:

Who does the GDPR affect?
The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

What are the penalties for non-compliance?
Organizations can be fined up to 4% of annual global turnover for breaching GDPR or €20 Million. This is the maximum fine that can be imposed for the most serious infringements e.g.not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. There is a tiered approach to fines e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors — meaning ‘clouds’ will not be exempt from GDPR enforcement.

What constitutes personal data?
Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

Interesting, right? Have a nice day now.