6am Saturday the 24th I headed down to London for UK GovCamp 2015 – an unconference centered on the public sector.

As usual the was a huge variety of topics pitched, and personally I really appreciated the lack of an “introductions” session – it got things moving much faster.

My day went sonething like this:

• The other half of open source: wordpress, local GDS, github, APIs selfishness. Hosted by @simond and @danmaby
• Content strategy at scale. Hosted by @tomhewitson
• Stop me before I hack your website! and “How to do wordpress securely”. Hosted by @edent and @harrym
• Security screw-ups. Hosted by @glynwintle
• Corridor session catching up and drinking tea

Now this isn’t a full write up of the event, or even my day, but there’s a few things to highlight:

• GDS hasn’t filtered down to Local level. One was to tackle this, since Local Gov. is focussed around transactions, is to build a new middleware framework to integrate font- and back-end systems. Another tack would be a build an extensible platform, along the lines of WordPress, that could deal with creating and managing the front-end and integrate with any necesary back-end system.
• You must pentration test your site – reapeat 10 times. Particularly authoritative domains, which are high value for spammers in particular – watch for comment and hidden link spam. Think of it like an annual gas check – not a one off.
• A domain is for life, not just for… Orphaned domains can be re-registered by people with nefarious intents. This is especially dangerous if your domain is widely linked to, made even worse if they are authoratative themselves – there were some really nasty examples like the re-purposing of the Bloody Sunday and Hutton Inquirey sites.
• People are always a security weak spot – but that doesn’t mean you shouldn’t batten down the technical side. Don’t let the “script-kiddies” in.
• Password complexity requirements tend to weaken security – most people put a capital as the first letter, and punctuation (!) / number (0 or 1) as the last.
• Please(!) leave the water out all day. It’s not only at lunch time that people are thirsty – this is a speaking orientated event after all…

There’s a very interesting blogpost by @jonathanflowers that puts some thought’s I’ve had much more eloquently. I recommend you read the original but in essence – the session pitching format could do with some work. This would really increase the value of the conference to me, being able to ensure I’m in sessions that I really care about, or not – an informed decision at least.

There’s a Flickr pool of photos from the day, the tweets were all under #ukgc15, and all the liveblogs can be found by looking at the session list.