Engineering North Star Metrics

In the world where all of the metrics are available to be fetch and tracked, we end up on too many things being measured or worst, too little things that are being measured. It is impractical to make smart decisions based upon all available data and impossible to make any decision without data, and virtually impossible to make every metric as a priority worthy of improvement. The first challenge is deciding on what to measure, this article is intended to propose following metrics as the de jure metrics that being tracked and constantly improved going forward within tech team that I led so far.

The 4 Layers of A Team
Continue reading

On forming Technical Program Manager team at Mekari

credit

As the company growing and more product verticals are coming in, and more competitors coming in not only from Indonesia but also big players from outside the country, there are needs from stakeholders and management (C/VP levels) to ensure we are delivering our initiatives more than ever. Hence, ensuring a team to be self-organized, transparent, and great visibility of ongoing and upcoming project progress are very critical. Spotting potential delays early and doing continuous improvement on how we structure the team and do communication within the team is also essential for us to achieve effective & efficient productivity.

Continue reading

Guidance on Creating New Service

something that we definitely don’t want to happen to us 🙂

At any tech company, we work with a lot of legacy systems and monoliths. As engineers, our first instinct would be to decouple these monolithic applications into microservices architectures so we can have cleaner code and an easier system to maintain. While this is definitely a good goal to have, sometimes we focus too much on the technical side of things (architecture, scalability, implementations) and lose sight of the bigger picture. Hopefully, this document can be guidance on other aspects we should think about.

Continue reading

On Regulated-Tech in Indonesia

Note that this document created in mid-2020 where on 24 January 2020, President Joko Widodo signed the Personal Data Protection (PDP) Bill which is currently being finalized by the Indonesian House of Representatives (DPR). Upon finalization of this PDP Bill, Indonesia will become the fifth country in ASEAN to implement regulations regarding Personal Data Protection. 

For the existing Personal Data Controller, there will be a two-year period before the PDP Bill is fully effective and achieves full compliance.

The protection of personal data in Indonesia was initially focused on protection from a privacy perspective. Under the Indonesian Constitution,  the concept of privacy rights has been recognized and protected as part of the general concept of human rights. With the need to cover the sector yet to be regulated, specifically, that of the internet and electronic transaction-related activities, Law No. 11/2008 on Electronic Information and Transactions as amended by Law No. 19/2016 (collectively, the EIT Law) was passed. Even though most of the provisions of the EIT Law focus on electronic transactions, there is a notable provision that deals with personal data in the EIT Law. 

Continue reading

API Key Best Practices

API keys are required for apps and projects that being used across Mekari platforms, either GCP/AWS/Logging Tools or other third-party services. This document identifies the intended use of API keys, how to protect them as you would other credentials, and which restrictions are appropriate for your projects.

Always try to adhere Principle of least privilege*.

*The principle of least privilege states that only the minimum access necessary to perform an operation should be granted, and that access should be granted only for the minimum amount of time necessary.

Continue reading