Our website uses cookies. To find out more information on the cookies we use, please head to our privacy policy.OK

Privileged Pixel Management – A New Form of PxM

Separating People from Pixels

This post is more about in the internal workings of our development team, specifically the practice of “Let’s” at Friday lunchtime. If you’re thinking about applying for a job at Osirium, hopefully this will give a flavour of what it’s like here.

For us, “Let’s” means “Let’s think about something different”. This Friday, the task is ‘write a colour generator for an Osirium logo’. We have a logo laser cut and equipped with Neopixels, normally, this sees service at various tradeshows, and in particular recruitment fairs.

Osirium logo lit up in different colours using NeoPixels

Christmas is coming, and therefore the Christmas meal. This year the Osirium ‘O’ will be going to the Christmas meal. Here’s the problem, we’ll have a team of programmers at the meal that will be wanting access to the ‘O’. Hence the need for PPM or even PNPM (Privileged NeoPixel Management).

Using code from our task engine we’ve been able to manage task access to the ‘O’ in 30 seconds slots. This means that members of the team can write colour generator tasks that get queued using their own credentials. They never get to see or use the master credentials for the ‘O’ hardware.

To mirror a real customer environment, we created a virtual ‘O’ as a UAT (User Acceptance Test). Programmers (which today includes DevOps, Infrastructure, Support, Webmasters and our Interns) can test their code against this virtual ‘O’ and then, when ready choose to submit that code to the hardware execution queue.

Task Engine showing the virtual ‘O’ as a UAT environment

Task Engine showing the virtual 'O' as a UAT environment

We’ve set up a camera using Zoom so that our remote team members can join in as well. ‘Remote First’ is a principle to which we aspire.

To quote Lego: ‘This is serious play’. I’m writing this blog as everyone is coding around me, I’m hearing the different approaches, the remote teams are chipping in via Slack and Zoom. Early on we’ve seen the StackOverflow approach to programming where people have found working examples and set about modifying them. A few people are having a dig at the security. Typically I’m hearing talk of the most elegant or least code ways of making tasks.

It’s now 30 minutes into this lets: Rainbows, Alternate Raindows, Brightness modulated rainbows have been the order of the day. Now the animation starts – and I’m intrigued to see if the planners or the grabbers will be the first of animate.

One of the more challenging generators is attempting ‘Bah Humbug’ in morse code – it should fit since there a 43 NeoPixels in the ‘O’.

Christmas Dinner is next Wednesday, Ed Sharp our Engineering Manager has said that he will accept Pull Requests up to Wednesday afternoon. The actual DOE (Dinner Operating Environment) is based on a Raspberry Pi Zero W powered by one of the USB Batteries we used to use as a give away.

As the hour approaches, the coding has become feverish, with a health queue waiting for people’s tasks to run. Senior engineers are helping out those that don’t code everyday of their lives – which helps with bonds between development and support.

Team George

Team George

54 minutes in, we’ve seen an animated rainbow, dual animated logos, split into inside/outside colour schemes, an animated face that dissolved in the to Osirium Logo, a super-fast animation (kudos for efficiency, the flashing perhaps not so much). We nearly had a working clock, and no one knew Morse well enough to verify ‘bah humbug’.

We finish off with the ‘show and tell’ where each person has 30 seconds to point out cool techniques they used. As a point of interest, no one used a ‘red and green’ Christmas theme.

In essence the people were separated from the pixels by delegating the task not the privilege, and the task had an ‘air gap’ to the pixels by SocketIO.

If your Christmas party needs its people separated from pixels then PPM is not a product that we ship. Of course you can use PxM Express. In the meantime we’ll see if we can get Ed to put the code in a public repository.

Related Articles

term->name is Task Automation

Osirium recognised in 2018 Gartner Magic Quadrant for Privileged Access Management

Osirium PLC (AIM: OSI.L), a leader in Privileged Access Management (PAM) solutions today announced it has been placed by Gartner in its 2018 Magic… Read Post

Recovery from O2 outage could have been accelerated using Osirium Privileged Task Automation

The system and process flaws that resulted in a loss of service for 23 million customers yesterday could have been resolved rapidly using Osirium… Read Post