On the role of internal IT and strategic security – an interview with Łukasz Kania, CIO

UDOSTĘPNIJ

Written by: Justyna Cichocka, Employer Branding Specialist

A talk with Łukasz Kania, CIO (Chief Information Officer), about security, development, and changing perceptions of the IT team. With the #solwitteam, he has over five years of experience building and developing internal IT and managing cloud operations and Google partnerships.

kania

Łukasz, you've been with us for a few years now…

Five years, or even a bit more than that, and I remember my job interview very vividly – I applied for an IT Manager position that was becoming vacant at the time – it was all finalized. I was to take care of the local IT and the entire working environment. Due to the company’s rapid growth, the existing resources were insufficient. The IT team consisted of two people, so there was plenty to do. Damian, whom I joined then, has been working with me ever since. There has also been a great deal of change in those five years.

Also, your role has changed relatively recently!

As I took on new areas like information security three years ago, cloud strategy with Google reselling this year, and technical partnerships with Microsoft, Apple, or Google, my role no longer corresponded to that of a typical IT manager. It jumped from operational to strategic levels, hence the change to CIO.

Aside from your position, what do you see as the most significant changes?

The backbone of Solwit’s internal infrastructure was very simple when I began working with the company. We were only working with a few clients, and cloud for business topics were just in their buds. Throughout the years, as we have grown exponentially, we have also taken on more and more projects and clients – at the moment, we have over 250 computers and manage over 70 virtual machines. Additionally, we provide SLA services to external customers. Our changes and development have made a hybrid environment possible, but so has the impact of external factors. Furthermore, the concept of internal IT has changed as well.

In light of this, how has your team changed?

Initially, we dealt with user support, servers, and daily internal customer service. As time passed, the organization’s needs led to the need for hard security, and compliance, so that we could meet the policies and guidelines of a succession of new clients. We also realized we had to take more care of our own security, so we formed a security team led by Wojtek. As part of their responsibilities, they conduct pentests to ensure our organization has as few vulnerabilities as possible. We are also heavily involved in automating the management of network and server environments. We have Bartek, whose expertise allows us to focus less on day-to-day operations and more on scalability.

Service desk work has also evolved – it is no longer ad hoc work such as logging on to a computer or connecting a printer, but comprehensive business support in terms of equipment and rights, for instance, in the case of new employees and onboarding or offboarding processes.

You've talked about these changes - how has the shift in mode affected your team?

It wasn’t the most significant challenge – even though we were based 100 percent onsite, we were preparing to start working remotely without realizing we were about to get much use out of it. Security issues were a challenge – the infrastructure was set up for the office, so working from home really had to take on a new quality in terms of security. There was no paralysis; we had set our azimuth – the pandemic showed that we could operate remotely, so now most of our employees are doing their jobs from home. 

So what was the biggest challenge then?

In such a fast-growing organization, processes are a constant challenge. Despite not being a corporation, we strive to match the quality of our corporate customers. In other words, we have to shuffle priorities so that we don’t get lost, and we have to prioritize appropriately based on the composition of our team. And there are always too few hands to work, so we need to find the golden mean – we need to deliver outstanding quality, no matter the size of our team. Two of our historical moments are worth mentioning – the move from BCB1 to BCB2 building, where we built a fully redundant network environment from scratch and migrated the server room and labs in just a single weekend. I remember that connectivity to our largest client was down for only 15 minutes when the router linking the VPN hardware between the two buildings was moved. On Monday, the whole company could use a working network and access control services from early morning. The second time was the first weeks of the transition to remote working, especially in terms of ensuring seamless communication – we made the quick decision to migrate Skype messenger to MS Teams and launch weekly Coffee with the Board, which turned out to be a hit. Underneath all this, invisible to users, work was underway to adapt secure environments for remote and hybrid working, a previously rare occurrence that became everyday in March 2020.

Can you tell us more about the strategic partnership with Google that you have under your belt?

Cloud technologies and cloud reselling, the administration of these types of projects, is an integral part of supporting an organization’s environments. Whether it’s an on-premises environment or cloud services, it makes no difference – we deliver what is currently needed to teams or particular specialists. Of course, it’s essential to maintain a good relationship with Google, and our account manager is, fortunately, helping us find our way in working with such a significant partner. Let’s keep our fingers crossed for some moves in this field, and if we manage to take the next step, we’ll definitely brag about it 😊 For now, we have the status of a partner (Google Cloud Partner), which you receive after completing a certain number and volume of projects. Our next steps lie ahead.

So why don't you at least let out a little of the secret?

We will strive to achieve a higher status in the Google Cloud Partners hierarchy. This is particularly helped by the projects we do for clients using GCP – a great example is the team developing tasks for Learnetic, but it’s not only that. 

How does working with Google benefits our employees?

As Google Cloud Partner, we can apply for specific certifications, which come free of charge for us (Professional Google Architect, Professional Google Developer). Additionally, we get partner credits so our people can benefit from Google’s infrastructure. In cases where someone wants to see how IoT devices work with Google’s cloud services, we set up sandboxes or some PoCs for the purpose. I often set up such environments, which is invaluable, as you can test things out on living organisms.

We are chatting about the cloud technologies, changes, and challenges. What do you think will be around in 5 years? What will be the trend?

For sure, all IoT-related topics, robotic automation, and the creation of large, temporary on-demand environments leveraging cloud potential. The opportunity, also for Solwit, lies in big data, machine learning, and automation of the processing of vast resources. We see a fragmentation of the IT world between cloud services provided by large providers and local or hybrid environments. In five years’ time, the infrastructure of most businesses will either be hybrid or cloud-only. Ordinary data centers are slowly dying out – we will probably see colossal data centers by large providers that will further increase their IT market share.

And security?

Security is always a trend. Of course, it became hot and attractive during the pandemic, so it was fueled accordingly. But yes, security is an absolute must – we were certified in ISMS and business continuity even before COVID. People are the best firewall- if their security awareness is adequate, the organization will be safe, so we take care (and we should) to keep our knowledge up to date. Month by month – and I’m not afraid to say it – Solwit’s security is getting better and better. It’s not even just about awareness-building activities (phishing campaigns). Still, in the area of prevention, we explore the market, look for where APT groups operate, where there are some holes, and whether we have them too. We check the security risk for Solwit related to vulnerabilities, and it has gradually decreased.

Your job is very much team management and don't you miss working strictly as an engineer?

I, nevertheless, try to find time for technical work – I spend a few hours a week solving engineering tasks. It’s a completely different dimension of work that I would miss a lot if I couldn’t do it. Vision and strategy, however, require more and different kinds of responsibilities, but I don’t shy away from them.

If you’re into cloud or environment administration topics, take a peek at our job listings in the Ops category – join the #solwitteam and build your career path with us!

Najnowsze wpisy na blogu